linux - security update

2022-05-02T00:00:00

Description

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. * [CVE-2021-4197](https://security-tracker.debian.org/tracker/CVE-2021-4197) Eric Biederman reported that incorrect permission checks in the cgroup process migration implementation can allow a local attacker to escalate privileges. * [CVE-2022-0168](https://security-tracker.debian.org/tracker/CVE-2022-0168) A NULL pointer dereference flaw was found in the CIFS client implementation which can allow a local attacker with CAP\_SYS\_ADMIN privileges to crash the system. The security impact is negligible as CAP\_SYS\_ADMIN inherently gives the ability to deny service. * [CVE-2022-1016](https://security-tracker.debian.org/tracker/CVE-2022-1016) David Bouman discovered a flaw in the netfilter subsystem where the nft\_do\_chain function did not initialize register data that nf\_tables expressions can read from and write to. A local attacker can take advantage of this to read sensitive information. * [CVE-2022-1048](https://security-tracker.debian.org/tracker/CVE-2022-1048) Hu Jiahui discovered a race condition in the sound subsystem that can result in a use-after-free. A local user permitted to access a PCM sound device can take advantage of this flaw to crash the system or potentially for privilege escalation. * [CVE-2022-1158](https://security-tracker.debian.org/tracker/CVE-2022-1158) Qiuhao Li, Gaoning Pan, and Yongkang Jia discovered a bug in the KVM implementation for x86 processors. A local user with access to /dev/kvm could cause the MMU emulator to update page table entry flags at the wrong address. They could exploit this to cause a denial of service (memory corruption or crash) or possibly for privilege escalation. * [CVE-2022-1195](https://security-tracker.debian.org/tracker/CVE-2022-1195) Lin Ma discovered race conditions in the 6pack and mkiss hamradio drivers, which could lead to a use-after-free. A local user could exploit these to cause a denial of service (memory corruption or crash) or possibly for privilege escalation. * [CVE-2022-1198](https://security-tracker.debian.org/tracker/CVE-2022-1198) Duoming Zhou discovered a race condition in the 6pack hamradio driver, which could lead to a use-after-free. A local user could exploit this to cause a denial of service (memory corruption or crash) or possibly for privilege escalation. * [CVE-2022-1199](https://security-tracker.debian.org/tracker/CVE-2022-1199), [CVE-2022-1204](https://security-tracker.debian.org/tracker/CVE-2022-1204), [CVE-2022-1205](https://security-tracker.debian.org/tracker/CVE-2022-1205) Duoming Zhou discovered race conditions in the AX.25 hamradio protocol, which could lead to a use-after-free or null pointer dereference. A local user could exploit this to cause a denial of service (memory corruption or crash) or possibly for privilege escalation. * [CVE-2022-1353](https://security-tracker.debian.org/tracker/CVE-2022-1353) The TCS Robot tool found an information leak in the PF\_KEY subsystem. A local user can receive a netlink message when an IPsec daemon registers with the kernel, and this could include sensitive information. * [CVE-2022-1516](https://security-tracker.debian.org/tracker/CVE-2022-1516) A NULL pointer dereference flaw in the implementation of the X.25 set of standardized network protocols, which can result in denial of service. This driver is not enabled in Debian's official kernel configurations. * [CVE-2022-26490](https://security-tracker.debian.org/tracker/CVE-2022-26490) Buffer overflows in the STMicroelectronics ST21NFCA core driver can result in denial of service or privilege escalation. This driver is not enabled in Debian's official kernel configurations. * [CVE-2022-27666](https://security-tracker.debian.org/tracker/CVE-2022-27666) valis reported a possible buffer overflow in the IPsec ESP transformation code. A local user can take advantage of this flaw to cause a denial of service or for privilege escalation. * [CVE-2022-28356](https://security-tracker.debian.org/tracker/CVE-2022-28356) Beraphin discovered that the ANSI/IEEE 802.2 LLC type 2 driver did not properly perform reference counting on some error paths. A local attacker can take advantage of this flaw to cause a denial of service. * [CVE-2022-28388](https://security-tracker.debian.org/tracker/CVE-2022-28388) A double free vulnerability was discovered in the 8 devices USB2CAN interface driver. * [CVE-2022-28389](https://security-tracker.debian.org/tracker/CVE-2022-28389) A double free vulnerability was discovered in the Microchip CAN BUS Analyzer interface driver. * [CVE-2022-28390](https://security-tracker.debian.org/tracker/CVE-2022-28390) A double free vulnerability was discovered in the EMS CPC-USB/ARM7 CAN/USB interface driver. * [CVE-2022-29582](https://security-tracker.debian.org/tracker/CVE-2022-29582) Jayden Rivers and David Bouman discovered a user-after-free vulnerability in the io\_uring subystem due to a race condition in io\_uring timeouts. A local unprivileged user can take advantage of this flaw for privilege escalation. For the stable distribution (bullseye), these problems have been fixed in version 5.10.113-1. We recommend that you upgrade your linux packages. For the detailed security status of linux please refer to its security tracker page at: [\ https://security-tracker.debian.org/tracker/linux](https://security-tracker.debian.org/tracker/linux)

Affected Software

CPE Name	Name	Version
	linux	5.10.103-1
	linux	5.10.103-1~bpo10+1
	linux	5.10.106-1
	linux	5.10.46-4
	linux	5.10.46-5
	linux	5.10.70-1
	linux	5.10.70-1~bpo10+1
	linux	5.10.84-1
	linux	5.10.92-1
	linux	5.10.92-1~bpo10+1
	linux	5.10.92-2

{"id": "OSV:DSA-5127-1", "vendorId": null, "type": "osv", "bulletinFamily": "software", "title": "linux - security update", "description": "\nSeveral vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or information\nleaks.\n\n\n* [CVE-2021-4197](https://security-tracker.debian.org/tracker/CVE-2021-4197)\nEric Biederman reported that incorrect permission checks in the\n cgroup process migration implementation can allow a local attacker\n to escalate privileges.\n* [CVE-2022-0168](https://security-tracker.debian.org/tracker/CVE-2022-0168)\nA NULL pointer dereference flaw was found in the CIFS client\n implementation which can allow a local attacker with CAP\\_SYS\\_ADMIN\n privileges to crash the system. The security impact is negligible as\n CAP\\_SYS\\_ADMIN inherently gives the ability to deny service.\n* [CVE-2022-1016](https://security-tracker.debian.org/tracker/CVE-2022-1016)\nDavid Bouman discovered a flaw in the netfilter subsystem where the\n nft\\_do\\_chain function did not initialize register data that\n nf\\_tables expressions can read from and write to. A local attacker\n can take advantage of this to read sensitive information.\n* [CVE-2022-1048](https://security-tracker.debian.org/tracker/CVE-2022-1048)\nHu Jiahui discovered a race condition in the sound subsystem that\n can result in a use-after-free. A local user permitted to access a\n PCM sound device can take advantage of this flaw to crash the\n system or potentially for privilege escalation.\n* [CVE-2022-1158](https://security-tracker.debian.org/tracker/CVE-2022-1158)\nQiuhao Li, Gaoning Pan, and Yongkang Jia discovered a bug in the\n KVM implementation for x86 processors. A local user with access to\n /dev/kvm could cause the MMU emulator to update page table entry\n flags at the wrong address. They could exploit this to cause a\n denial of service (memory corruption or crash) or possibly for\n privilege escalation.\n* [CVE-2022-1195](https://security-tracker.debian.org/tracker/CVE-2022-1195)\nLin Ma discovered race conditions in the 6pack and mkiss hamradio\n drivers, which could lead to a use-after-free. A local user could\n exploit these to cause a denial of service (memory corruption or\n crash) or possibly for privilege escalation.\n* [CVE-2022-1198](https://security-tracker.debian.org/tracker/CVE-2022-1198)\nDuoming Zhou discovered a race condition in the 6pack hamradio\n driver, which could lead to a use-after-free. A local user could\n exploit this to cause a denial of service (memory corruption or\n crash) or possibly for privilege escalation.\n* [CVE-2022-1199](https://security-tracker.debian.org/tracker/CVE-2022-1199),\n [CVE-2022-1204](https://security-tracker.debian.org/tracker/CVE-2022-1204),\n [CVE-2022-1205](https://security-tracker.debian.org/tracker/CVE-2022-1205)\nDuoming Zhou discovered race conditions in the AX.25 hamradio\n protocol, which could lead to a use-after-free or null pointer\n dereference. A local user could exploit this to cause a denial of\n service (memory corruption or crash) or possibly for privilege\n escalation.\n* [CVE-2022-1353](https://security-tracker.debian.org/tracker/CVE-2022-1353)\nThe TCS Robot tool found an information leak in the PF\\_KEY\n subsystem. A local user can receive a netlink message when an\n IPsec daemon registers with the kernel, and this could include\n sensitive information.\n* [CVE-2022-1516](https://security-tracker.debian.org/tracker/CVE-2022-1516)\nA NULL pointer dereference flaw in the implementation of the X.25\n set of standardized network protocols, which can result in denial\n of service.\n\n\nThis driver is not enabled in Debian's official kernel\n configurations.\n* [CVE-2022-26490](https://security-tracker.debian.org/tracker/CVE-2022-26490)\nBuffer overflows in the STMicroelectronics ST21NFCA core driver can\n result in denial of service or privilege escalation.\n\n\nThis driver is not enabled in Debian's official kernel\n configurations.\n* [CVE-2022-27666](https://security-tracker.debian.org/tracker/CVE-2022-27666)\nvalis reported a possible buffer overflow in the IPsec ESP\n transformation code. A local user can take advantage of this flaw to\n cause a denial of service or for privilege escalation.\n* [CVE-2022-28356](https://security-tracker.debian.org/tracker/CVE-2022-28356)\nBeraphin discovered that the ANSI/IEEE 802.2 LLC type 2 driver did\n not properly perform reference counting on some error paths. A\n local attacker can take advantage of this flaw to cause a denial\n of service.\n* [CVE-2022-28388](https://security-tracker.debian.org/tracker/CVE-2022-28388)\nA double free vulnerability was discovered in the 8 devices USB2CAN\n interface driver.\n* [CVE-2022-28389](https://security-tracker.debian.org/tracker/CVE-2022-28389)\nA double free vulnerability was discovered in the Microchip CAN BUS\n Analyzer interface driver.\n* [CVE-2022-28390](https://security-tracker.debian.org/tracker/CVE-2022-28390)\nA double free vulnerability was discovered in the EMS CPC-USB/ARM7\n CAN/USB interface driver.\n* [CVE-2022-29582](https://security-tracker.debian.org/tracker/CVE-2022-29582)\nJayden Rivers and David Bouman discovered a user-after-free\n vulnerability in the io\\_uring subystem due to a race condition in\n io\\_uring timeouts. A local unprivileged user can take advantage of\n this flaw for privilege escalation.\n\n\nFor the stable distribution (bullseye), these problems have been fixed in\nversion 5.10.113-1.\n\n\nWe recommend that you upgrade your linux packages.\n\n\nFor the detailed security status of linux please refer to its security\ntracker page at:\n[\\\nhttps://security-tracker.debian.org/tracker/linux](https://security-tracker.debian.org/tracker/linux)\n\n\n", "published": "2022-05-02T00:00:00", "modified": "2023-06-28T06:51:19", "epss": [{"cve": "CVE-2021-4197", "epss": 0.00043, "percentile": 0.07903, "modified": "2023-05-24"}, {"cve": "CVE-2022-0168", "epss": 0.00042, "percentile": 0.05682, "modified": "2023-06-19"}, {"cve": "CVE-2022-1016", "epss": 0.00045, "percentile": 0.12315, "modified": "2023-06-17"}, {"cve": "CVE-2022-1048", "epss": 0.00042, "percentile": 0.05682, "modified": "2023-06-17"}, {"cve": "CVE-2022-1158", "epss": 0.00042, "percentile": 0.05682, "modified": "2023-06-17"}, {"cve": "CVE-2022-1195", "epss": 0.00042, "percentile": 0.05682, "modified": "2023-06-17"}, {"cve": "CVE-2022-1198", "epss": 0.00042, "percentile": 0.05682, "modified": "2023-06-17"}, {"cve": "CVE-2022-1199", "epss": 0.00087, "percentile": 0.35328, "modified": "2023-06-17"}, {"cve": "CVE-2022-1204", "epss": 0.00042, "percentile": 0.05682, "modified": "2023-06-17"}, {"cve": "CVE-2022-1205", "epss": 0.00042, "percentile": 0.05682, "modified": "2023-06-17"}, {"cve": "CVE-2022-1353", "epss": 0.00042, "percentile": 0.05682, "modified": "2023-06-17"}, {"cve": "CVE-2022-1516", "epss": 0.00042, "percentile": 0.05682, "modified": "2023-06-17"}, {"cve": "CVE-2022-26490", "epss": 0.00042, "percentile": 0.05664, "modified": "2023-06-03"}, {"cve": "CVE-2022-27666", "epss": 0.00042, "percentile": 0.05664, "modified": "2023-06-03"}, {"cve": "CVE-2022-28356", "epss": 0.00042, "percentile": 0.05728, "modified": "2023-06-03"}, {"cve": "CVE-2022-28388", "epss": 0.00042, "percentile": 0.05664, "modified": "2023-06-03"}, {"cve": "CVE-2022-28389", "epss": 0.00042, "percentile": 0.05664, "modified": "2023-06-03"}, {"cve": "CVE-2022-28390", "epss": 0.00042, "percentile": 0.05664, "modified": "2023-06-03"}, {"cve": "CVE-2022-29582", "epss": 0.00042, "percentile": 0.05664, "modified": "2023-06-03"}], "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "accessVector": "LOCAL", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "baseScore": 7.2}, "severity": "HIGH", "exploitabilityScore": 3.9, "impactScore": 10.0, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH"}, "exploitabilityScore": 1.8, "impactScore": 5.9}, "href": "https://osv.dev/vulnerability/DSA-5127-1", "reporter": "Google", "references": ["https://www.debian.org/security/2022/dsa-5127"], "cvelist": ["CVE-2021-4197", "CVE-2022-0168", "CVE-2022-1016", "CVE-2022-1048", "CVE-2022-1158", "CVE-2022-1195", "CVE-2022-1198", "CVE-2022-1199", "CVE-2022-1204", "CVE-2022-1205", "CVE-2022-1353", "CVE-2022-1516", "CVE-2022-26490", "CVE-2022-27666", "CVE-2022-28356", "CVE-2022-28388", "CVE-2022-28389", "CVE-2022-28390", "CVE-2022-29582"], "immutableFields": [], "lastseen": "2023-06-28T06:52:25", "viewCount": 59, "enchantments": {"dependencies": {"references": [{"type": "almalinux", "idList": ["ALSA-2022:1988", "ALSA-2022:5249", "ALSA-2022:5267", "ALSA-2022:5316", "ALSA-2022:5344", "ALSA-2022:7110", "ALSA-2022:7134", "ALSA-2022:7444", "ALSA-2022:7683", "ALSA-2022:7933", "ALSA-2022:8267", "ALSA-2023:2148", "ALSA-2023:2458"]}, {"type": "amazon", "idList": ["ALAS-2022-1571", "ALAS-2022-1577", "ALAS-2022-1581", "ALAS-2022-1591", "ALAS-2022-1768", "ALAS-2022-1798", "ALAS2-2022-1761", "ALAS2-2022-1768", "ALAS2-2022-1774", "ALAS2-2022-1793", "ALAS2-2022-1798"]}, {"type": "androidsecurity", "idList": ["ANDROID:2022-09-01"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:0538F4CFFE2DC3D3EAD148EB582C7732", "CFOUNDRY:FE970C6702B53B6F613235FEB9F4ACED"]}, {"type": "cloudlinux", "idList": ["CLSA-2022:1650377026", "CLSA-2022:1650377052", "CLSA-2023:1682705952", "CLSA-2023:1682711481"]}, {"type": "cnvd", "idList": ["CNVD-2022-20170", "CNVD-2022-68560", "CNVD-2022-74092", "CNVD-2022-79427"]}, {"type": "cve", "idList": ["CVE-2021-4197", "CVE-2022-0168", "CVE-2022-0886", "CVE-2022-1016", "CVE-2022-1048", "CVE-2022-1158", "CVE-2022-1195", "CVE-2022-1198", "CVE-2022-1199", "CVE-2022-1204", "CVE-2022-1205", "CVE-2022-1353", "CVE-2022-1516", "CVE-2022-26490", "CVE-2022-27666", "CVE-2022-28356", "CVE-2022-28388", "CVE-2022-28389", "CVE-2022-28390", "CVE-2022-29582"]}, {"type": "debian", "idList": ["DEBIAN:DLA-3065-1:C1710", "DEBIAN:DSA-5127-1:B6959", "DEBIAN:DSA-5173-1:5A28E"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2021-4197", "DEBIANCVE:CVE-2022-0168", "DEBIANCVE:CVE-2022-1016", "DEBIANCVE:CVE-2022-1048", "DEBIANCVE:CVE-2022-1158", "DEBIANCVE:CVE-2022-1195", "DEBIANCVE:CVE-2022-1198", "DEBIANCVE:CVE-2022-1199", "DEBIANCVE:CVE-2022-1204", "DEBIANCVE:CVE-2022-1205", "DEBIANCVE:CVE-2022-1353", "DEBIANCVE:CVE-2022-1516", "DEBIANCVE:CVE-2022-26490", "DEBIANCVE:CVE-2022-27666", "DEBIANCVE:CVE-2022-28356", "DEBIANCVE:CVE-2022-28388", "DEBIANCVE:CVE-2022-28389", "DEBIANCVE:CVE-2022-28390", "DEBIANCVE:CVE-2022-29582"]}, {"type": "f5", "idList": ["F5:K53648360"]}, {"type": "fedora", "idList": ["FEDORA:0596E3082C37", "FEDORA:11BA63093F7B", "FEDORA:122743072F09", "FEDORA:23A0030AD936", "FEDORA:27893317B3E2", "FEDORA:36BBF3082C35", "FEDORA:47BE23070D89", "FEDORA:5D5BA3025879", "FEDORA:664613166567", "FEDORA:73F80317D954", "FEDORA:A7F053096A3A", "FEDORA:AC4DF316656A", "FEDORA:C50BF316656B", "FEDORA:D3A2830AA053", "FEDORA:DA7083082C36"]}, {"type": "githubexploit", "idList": ["1712473E-5B8C-5296-AFBC-FCA3A1908918", "AC8391C6-9C7C-562A-A523-E925BC4005C3", "BF419F70-A6F6-572C-8DB0-55498291C16C"]}, {"type": "ibm", "idList": ["185BBC212EB199C45233D6B9DC3039EA09F782A9A618E54D0204B7259290E45D", "2007FD1781CF2022D192260E43DD6A6A9D75EAE1E583F1FF51351C7A5D643FB1", "63C8B1DC63A3A0D366B1AA0E3DB24BD123F14B4EB29B74139B4FE1590E5E48A3", "7723E7232CDF38CAF6FB9BEBC720727705544B73B826D4C481C2D54FB681768E", "7A31AC3AD76478BCDFF5EAFDE198D822A87AF40F80D6BE332BB307F284077425", "80CD718D1D142D3B40DCBA71626D910648A9F36D3E9F858F36123167200B31E5", "B315A585CDBD4D516E60AAEBBA49CDD9274D016108F5F855F13CF2FE3AA0F562", "B5ACC7364245F82358F80C10321ECAD386893E3517C368583DC6FDF4DCFC7A53", "E8EFCA8810003524E6931CD5AFDC084870201D5052BAC467C09EBF324F61A84B"]}, {"type": "ics", "idList": ["ICSA-23-075-01", "ICSA-23-166-12"]}, {"type": "mageia", "idList": ["MGASA-2022-0021", "MGASA-2022-0022", "MGASA-2022-0121", "MGASA-2022-0122", "MGASA-2022-0154", "MGASA-2022-0155"]}, {"type": "nessus", "idList": ["AL2022_ALAS2022-2022-042.NASL", "AL2022_ALAS2022-2022-083.NASL", "AL2022_ALAS2022-2022-101.NASL", "AL2022_ALAS2022-2022-185.NASL", "AL2023_ALAS2023-2023-070.NASL", "AL2_ALAS-2022-1761.NASL", "AL2_ALAS-2022-1768.NASL", "AL2_ALAS-2022-1774.NASL", "AL2_ALAS-2022-1793.NASL", "AL2_ALAS-2022-1798.NASL", "AL2_ALASKERNEL-5_10-2022-011.NASL", "AL2_ALASKERNEL-5_10-2022-012.NASL", "AL2_ALASKERNEL-5_10-2022-013.NASL", "AL2_ALASKERNEL-5_15-2022-001.NASL", "AL2_ALASKERNEL-5_4-2022-023.NASL", "AL2_ALASKERNEL-5_4-2022-024.NASL", "AL2_ALASKERNEL-5_4-2022-025.NASL", "ALA_ALAS-2022-1571.NASL", "ALA_ALAS-2022-1577.NASL", "ALA_ALAS-2022-1581.NASL", "ALA_ALAS-2022-1591.NASL", "ALMA_LINUX_ALSA-2022-1988.NASL", "ALMA_LINUX_ALSA-2022-5214.NASL", "ALMA_LINUX_ALSA-2022-5249.NASL", "ALMA_LINUX_ALSA-2022-5267.NASL", "ALMA_LINUX_ALSA-2022-5316.NASL", "ALMA_LINUX_ALSA-2022-7110.NASL", "ALMA_LINUX_ALSA-2022-7134.NASL", "ALMA_LINUX_ALSA-2022-7444.NASL", "ALMA_LINUX_ALSA-2022-7683.NASL", "ALMA_LINUX_ALSA-2022-7933.NASL", "ALMA_LINUX_ALSA-2022-8267.NASL", "ALMA_LINUX_ALSA-2023-2148.NASL", "ALMA_LINUX_ALSA-2023-2458.NASL", "DEBIAN_DLA-3065.NASL", "DEBIAN_DSA-5127.NASL", "DEBIAN_DSA-5173.NASL", "EULEROS_SA-2022-1429.NASL", "EULEROS_SA-2022-1450.NASL", "EULEROS_SA-2022-1489.NASL", "EULEROS_SA-2022-1508.NASL", "EULEROS_SA-2022-1537.NASL", "EULEROS_SA-2022-1607.NASL", "EULEROS_SA-2022-1630.NASL", "EULEROS_SA-2022-1735.NASL", "EULEROS_SA-2022-1791.NASL", "EULEROS_SA-2022-1808.NASL", "EULEROS_SA-2022-1817.NASL", "EULEROS_SA-2022-1829.NASL", "EULEROS_SA-2022-1844.NASL", "EULEROS_SA-2022-1868.NASL", "EULEROS_SA-2022-1896.NASL", "EULEROS_SA-2022-1934.NASL", "EULEROS_SA-2022-1969.NASL", "EULEROS_SA-2022-1999.NASL", "EULEROS_SA-2022-2026.NASL", "EULEROS_SA-2022-2054.NASL", "EULEROS_SA-2022-2075.NASL", "EULEROS_SA-2022-2081.NASL", "EULEROS_SA-2022-2090.NASL", "EULEROS_SA-2022-2110.NASL", "EULEROS_SA-2022-2134.NASL", "EULEROS_SA-2022-2159.NASL", "EULEROS_SA-2022-2181.NASL", "EULEROS_SA-2022-2200.NASL", "EULEROS_SA-2022-2244.NASL", "EULEROS_SA-2022-2348.NASL", "EULEROS_SA-2022-2384.NASL", "EULEROS_SA-2022-2566.NASL", "EULEROS_SA-2022-2619.NASL", "EULEROS_SA-2022-2891.NASL", "EULEROS_SA-2023-1695.NASL", "MARINER_KERNEL_CVE-2022-0168.NASL", "MARINER_KERNEL_CVE-2022-1016.NASL", "MARINER_KERNEL_CVE-2022-1048.NASL", "MARINER_KERNEL_CVE-2022-1195.NASL", "MARINER_KERNEL_CVE-2022-1198.NASL", "MARINER_KERNEL_CVE-2022-1199.NASL", "MARINER_KERNEL_CVE-2022-1204.NASL", "MARINER_KERNEL_CVE-2022-1205.NASL", "MARINER_KERNEL_CVE-2022-1353.NASL", "MARINER_KERNEL_CVE-2022-28356.NASL", "MARINER_KERNEL_CVE-2022-28388.NASL", "MARINER_KERNEL_CVE-2022-28389.NASL", "MARINER_KERNEL_CVE-2022-28390.NASL", "MARINER_KERNEL_CVE-2022-29582.NASL", "NEWSTART_CGSL_NS-SA-2022-0089_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2023-0001_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2023-0005_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2023-0017_KERNEL.NASL", "NUTANIX_NXSA-AOS-6_6_2.NASL", "OPENSUSE-2022-0169-1.NASL", "OPENSUSE-2022-0198-1.NASL", "OPENSUSE-2022-0366-1.NASL", "OPENSUSE-2022-1037-1.NASL", "OPENSUSE-2022-1039-1.NASL", "ORACLELINUX_ELSA-2022-1988.NASL", "ORACLELINUX_ELSA-2022-26385.NASL", "ORACLELINUX_ELSA-2022-5249.NASL", "ORACLELINUX_ELSA-2022-5316.NASL", "ORACLELINUX_ELSA-2022-7110.NASL", "ORACLELINUX_ELSA-2022-7683.NASL", "ORACLELINUX_ELSA-2022-8267.NASL", "ORACLELINUX_ELSA-2022-9264.NASL", "ORACLELINUX_ELSA-2022-9265.NASL", "ORACLELINUX_ELSA-2022-9266.NASL", "ORACLELINUX_ELSA-2022-9267.NASL", "ORACLELINUX_ELSA-2022-9270.NASL", "ORACLELINUX_ELSA-2022-9271.NASL", "ORACLELINUX_ELSA-2022-9273.NASL", "ORACLELINUX_ELSA-2022-9274.NASL", "ORACLELINUX_ELSA-2022-9313.NASL", "ORACLELINUX_ELSA-2022-9314.NASL", "ORACLELINUX_ELSA-2022-9348.NASL", "ORACLELINUX_ELSA-2022-9365.NASL", "ORACLELINUX_ELSA-2022-9366.NASL", "ORACLELINUX_ELSA-2022-9367.NASL", "ORACLELINUX_ELSA-2022-9368.NASL", "ORACLELINUX_ELSA-2022-9477.NASL", "ORACLELINUX_ELSA-2022-9478.NASL", "ORACLELINUX_ELSA-2022-9479.NASL", "ORACLELINUX_ELSA-2022-9480.NASL", "ORACLELINUX_ELSA-2022-9533.NASL", "ORACLELINUX_ELSA-2022-9534.NASL", "ORACLELINUX_ELSA-2022-9557.NASL", "ORACLELINUX_ELSA-2023-2458.NASL", "ORACLEVM_OVMSA-2022-0014.NASL", "ORACLEVM_OVMSA-2022-0019.NASL", "REDHAT-RHSA-2022-1975.NASL", "REDHAT-RHSA-2022-1988.NASL", "REDHAT-RHSA-2022-4809.NASL", "REDHAT-RHSA-2022-4829.NASL", "REDHAT-RHSA-2022-4835.NASL", "REDHAT-RHSA-2022-4924.NASL", "REDHAT-RHSA-2022-4942.NASL", "REDHAT-RHSA-2022-5214.NASL", "REDHAT-RHSA-2022-5219.NASL", "REDHAT-RHSA-2022-5220.NASL", "REDHAT-RHSA-2022-5224.NASL", "REDHAT-RHSA-2022-5249.NASL", "REDHAT-RHSA-2022-5267.NASL", "REDHAT-RHSA-2022-5316.NASL", "REDHAT-RHSA-2022-5344.NASL", "REDHAT-RHSA-2022-5476.NASL", "REDHAT-RHSA-2022-5626.NASL", "REDHAT-RHSA-2022-5633.NASL", "REDHAT-RHSA-2022-5678.NASL", "REDHAT-RHSA-2022-5934.NASL", "REDHAT-RHSA-2022-5998.NASL", "REDHAT-RHSA-2022-6243.NASL", "REDHAT-RHSA-2022-6248.NASL", "REDHAT-RHSA-2022-7110.NASL", "REDHAT-RHSA-2022-7134.NASL", "REDHAT-RHSA-2022-7444.NASL", "REDHAT-RHSA-2022-7683.NASL", "REDHAT-RHSA-2022-7933.NASL", "REDHAT-RHSA-2022-8267.NASL", "REDHAT-RHSA-2022-8673.NASL", "REDHAT-RHSA-2022-8685.NASL", "REDHAT-RHSA-2022-8686.NASL", "REDHAT-RHSA-2022-8809.NASL", "REDHAT-RHSA-2022-8831.NASL", "REDHAT-RHSA-2022-8940.NASL", "REDHAT-RHSA-2022-8941.NASL", "REDHAT-RHSA-2022-8973.NASL", "REDHAT-RHSA-2022-8974.NASL", "REDHAT-RHSA-2022-8989.NASL", "REDHAT-RHSA-2022-9082.NASL", "REDHAT-RHSA-2023-2148.NASL", "REDHAT-RHSA-2023-2458.NASL", "ROCKY_LINUX_RLSA-2022-7110.NASL", "ROCKY_LINUX_RLSA-2022-7134.NASL", "SLACKWARE_SSA_2022-129-01.NASL", "SUSE_SU-2022-0169-1.NASL", "SUSE_SU-2022-0197-1.NASL", "SUSE_SU-2022-0198-1.NASL", "SUSE_SU-2022-0288-1.NASL", "SUSE_SU-2022-0289-1.NASL", "SUSE_SU-2022-0362-1.NASL", "SUSE_SU-2022-0364-1.NASL", "SUSE_SU-2022-0366-1.NASL", "SUSE_SU-2022-0367-1.NASL", "SUSE_SU-2022-0371-1.NASL", "SUSE_SU-2022-0372-1.NASL", "SUSE_SU-2022-0477-1.NASL", "SUSE_SU-2022-0555-1.NASL", "SUSE_SU-2022-1037-1.NASL", "SUSE_SU-2022-1038-1.NASL", "SUSE_SU-2022-1039-1.NASL", "SUSE_SU-2022-1163-1.NASL", "SUSE_SU-2022-1172-1.NASL", "SUSE_SU-2022-1182-1.NASL", "SUSE_SU-2022-1183-1.NASL", "SUSE_SU-2022-1189-1.NASL", "SUSE_SU-2022-1192-1.NASL", "SUSE_SU-2022-1193-1.NASL", "SUSE_SU-2022-1194-1.NASL", "SUSE_SU-2022-1196-1.NASL", "SUSE_SU-2022-1197-1.NASL", "SUSE_SU-2022-1212-1.NASL", "SUSE_SU-2022-1215-1.NASL", "SUSE_SU-2022-1223-1.NASL", "SUSE_SU-2022-1224-1.NASL", "SUSE_SU-2022-1230-1.NASL", "SUSE_SU-2022-1242-1.NASL", "SUSE_SU-2022-1246-1.NASL", "SUSE_SU-2022-1248-1.NASL", "SUSE_SU-2022-1255-1.NASL", "SUSE_SU-2022-1256-1.NASL", "SUSE_SU-2022-1257-1.NASL", "SUSE_SU-2022-1261-1.NASL", "SUSE_SU-2022-1266-1.NASL", "SUSE_SU-2022-1267-1.NASL", "SUSE_SU-2022-1268-1.NASL", "SUSE_SU-2022-1269-1.NASL", "SUSE_SU-2022-1270-1.NASL", "SUSE_SU-2022-1278-1.NASL", "SUSE_SU-2022-1283-1.NASL", "SUSE_SU-2022-1303-1.NASL", "SUSE_SU-2022-1318-1.NASL", "SUSE_SU-2022-1320-1.NASL", "SUSE_SU-2022-1322-1.NASL", "SUSE_SU-2022-1326-1.NASL", "SUSE_SU-2022-1329-1.NASL", "SUSE_SU-2022-1335-1.NASL", "SUSE_SU-2022-1369-1.NASL", "SUSE_SU-2022-1402-1.NASL", "SUSE_SU-2022-1407-1.NASL", "SUSE_SU-2022-1440-1.NASL", "SUSE_SU-2022-1453-1.NASL", "SUSE_SU-2022-1486-1.NASL", "SUSE_SU-2022-1569-1.NASL", "SUSE_SU-2022-1571-1.NASL", "SUSE_SU-2022-1573-1.NASL", "SUSE_SU-2022-1575-1.NASL", "SUSE_SU-2022-1591-1.NASL", "SUSE_SU-2022-1605-1.NASL", "SUSE_SU-2022-1629-1.NASL", "SUSE_SU-2022-1634-1.NASL", "SUSE_SU-2022-1637-1.NASL", "SUSE_SU-2022-1651-1.NASL", "SUSE_SU-2022-1668-1.NASL", "SUSE_SU-2022-1669-1.NASL", "SUSE_SU-2022-1676-1.NASL", "SUSE_SU-2022-1686-1.NASL", "SUSE_SU-2022-1687-1.NASL", "SUSE_SU-2022-1939-1.NASL", "SUSE_SU-2022-1942-1.NASL", "SUSE_SU-2022-1945-1.NASL", "SUSE_SU-2022-1947-1.NASL", "SUSE_SU-2022-1948-1.NASL", "SUSE_SU-2022-1955-1.NASL", "SUSE_SU-2022-1974-1.NASL", "SUSE_SU-2022-2000-1.NASL", "SUSE_SU-2022-2006-1.NASL", "SUSE_SU-2022-2077-1.NASL", "SUSE_SU-2022-2078-1.NASL", "SUSE_SU-2022-2079-1.NASL", "SUSE_SU-2022-2082-1.NASL", "SUSE_SU-2022-2083-1.NASL", "SUSE_SU-2022-2103-1.NASL", "SUSE_SU-2022-2104-1.NASL", "SUSE_SU-2022-2111-1.NASL", "SUSE_SU-2022-2177-1.NASL", "SUSE_SU-2022-2268-1.NASL", "SUSE_SU-2022-2520-1.NASL", "SUSE_SU-2022-2615-1.NASL", "SUSE_SU-2022-2699-1.NASL", "SUSE_SU-2022-2700-1.NASL", "SUSE_SU-2022-2709-1.NASL", "SUSE_SU-2022-2726-1.NASL", "SUSE_SU-2022-2727-1.NASL", "SUSE_SU-2022-2728-1.NASL", "SUSE_SU-2022-2738-1.NASL", "SUSE_SU-2022-2745-1.NASL", "SUSE_SU-2022-2766-1.NASL", "SUSE_SU-2022-2770-1.NASL", "SUSE_SU-2022-2776-1.NASL", "SUSE_SU-2022-2780-1.NASL", "SUSE_SU-2022-2783-1.NASL", "SUSE_SU-2022-2789-1.NASL", "SUSE_SU-2022-2854-1.NASL", "SUSE_SU-2022-3288-1.NASL", "SUSE_SU-2022-3293-1.NASL", "SUSE_SU-2022-4617-1.NASL", "UBUNTU_USN-5278-1.NASL", "UBUNTU_USN-5337-1.NASL", "UBUNTU_USN-5353-1.NASL", "UBUNTU_USN-5357-1.NASL", "UBUNTU_USN-5357-2.NASL", "UBUNTU_USN-5358-1.NASL", "UBUNTU_USN-5358-2.NASL", "UBUNTU_USN-5368-1.NASL", "UBUNTU_USN-5377-1.NASL", "UBUNTU_USN-5381-1.NASL", "UBUNTU_USN-5383-1.NASL", "UBUNTU_USN-5390-1.NASL", "UBUNTU_USN-5390-2.NASL", "UBUNTU_USN-5413-1.NASL", "UBUNTU_USN-5415-1.NASL", "UBUNTU_USN-5416-1.NASL", "UBUNTU_USN-5417-1.NASL", "UBUNTU_USN-5418-1.NASL", "UBUNTU_USN-5466-1.NASL", "UBUNTU_USN-5467-1.NASL", "UBUNTU_USN-5468-1.NASL", "UBUNTU_USN-5469-1.NASL", "UBUNTU_USN-5471-1.NASL", "UBUNTU_USN-5493-1.NASL", "UBUNTU_USN-5493-2.NASL", "UBUNTU_USN-5500-1.NASL", "UBUNTU_USN-5505-1.NASL", "UBUNTU_USN-5514-1.NASL", "UBUNTU_USN-5515-1.NASL", "UBUNTU_USN-5539-1.NASL", "UBUNTU_USN-5541-1.NASL", "UBUNTU_USN-5560-1.NASL", "UBUNTU_USN-5560-2.NASL", "UBUNTU_USN-5562-1.NASL", "UBUNTU_USN-5582-1.NASL", "UBUNTU_USN-5650-1.NASL", "UBUNTU_USN-5856-1.NASL", "UBUNTU_USN-6001-1.NASL", "UBUNTU_USN-6014-1.NASL"]}, {"type": "oracle", "idList": ["ORACLE:CPUJUL2022"]}, {"type": "oraclelinux", "idList": ["ELSA-2022-1988", "ELSA-2022-5249", "ELSA-2022-5316", "ELSA-2022-7110", "ELSA-2022-7683", "ELSA-2022-8267", "ELSA-2022-9264", "ELSA-2022-9265", "ELSA-2022-9266", "ELSA-2022-9267", "ELSA-2022-9270", "ELSA-2022-9271", "ELSA-2022-9273", "ELSA-2022-9274", "ELSA-2022-9313", "ELSA-2022-9314", "ELSA-2022-9348", "ELSA-2022-9365", "ELSA-2022-9366", "ELSA-2022-9367", "ELSA-2022-9368", "ELSA-2022-9477", "ELSA-2022-9478", "ELSA-2022-9479", "ELSA-2022-9480", "ELSA-2022-9533", "ELSA-2022-9534", "ELSA-2022-9557", "ELSA-2023-2458"]}, {"type": "osv", "idList": ["OSV:DLA-3065-1", "OSV:DSA-5173-1"]}, {"type": "photon", "idList": ["PHSA-2022-0168", "PHSA-2022-0183", "PHSA-2022-0201", "PHSA-2022-0376", "PHSA-2022-0393", "PHSA-2022-0395", "PHSA-2022-0459", "PHSA-2022-0513", "PHSA-2022-3.0-0350", "PHSA-2022-3.0-0376", "PHSA-2022-3.0-0393", "PHSA-2022-3.0-0395", "PHSA-2022-4.0-0168", "PHSA-2022-4.0-0183", "PHSA-2022-4.0-0201"]}, {"type": "redhat", "idList": ["RHSA-2022:1975", "RHSA-2022:1988", "RHSA-2022:4809", "RHSA-2022:4814", "RHSA-2022:4829", "RHSA-2022:4835", "RHSA-2022:4924", "RHSA-2022:4942", "RHSA-2022:4956", "RHSA-2022:5201", "RHSA-2022:5214", "RHSA-2022:5219", "RHSA-2022:5220", "RHSA-2022:5224", "RHSA-2022:5249", "RHSA-2022:5267", "RHSA-2022:5316", "RHSA-2022:5344", "RHSA-2022:5392", "RHSA-2022:5476", "RHSA-2022:5483", "RHSA-2022:5531", "RHSA-2022:5556", "RHSA-2022:5626", "RHSA-2022:5633", "RHSA-2022:5678", "RHSA-2022:5730", "RHSA-2022:5840", "RHSA-2022:5879", "RHSA-2022:5934", "RHSA-2022:5998", "RHSA-2022:6053", "RHSA-2022:6243", "RHSA-2022:6248", "RHSA-2022:6258", "RHSA-2022:6262", "RHSA-2022:6263", "RHSA-2022:6308", "RHSA-2022:6317", "RHSA-2022:6318", "RHSA-2022:6322", "RHSA-2022:6681", "RHSA-2022:6882", "RHSA-2022:6890", "RHSA-2022:7110", "RHSA-2022:7134", "RHSA-2022:7201", "RHSA-2022:7276", "RHSA-2022:7313", "RHSA-2022:7434", "RHSA-2022:7444", "RHSA-2022:7683", "RHSA-2022:7933", "RHSA-2022:8267", "RHSA-2022:8673", "RHSA-2022:8685", "RHSA-2022:8686", "RHSA-2022:8781", "RHSA-2022:8809", "RHSA-2022:8831", "RHSA-2022:8889", "RHSA-2022:8893", "RHSA-2022:8940", "RHSA-2022:8941", "RHSA-2022:8973", "RHSA-2022:8974", "RHSA-2022:8989", "RHSA-2022:9040", "RHSA-2022:9082", "RHSA-2023:2148", "RHSA-2023:2458"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-4197", "RH:CVE-2022-0168", "RH:CVE-2022-1016", "RH:CVE-2022-1048", "RH:CVE-2022-1158", "RH:CVE-2022-1195", "RH:CVE-2022-1198", "RH:CVE-2022-1199", "RH:CVE-2022-1204", "RH:CVE-2022-1205", "RH:CVE-2022-1353", "RH:CVE-2022-1516", "RH:CVE-2022-26490", "RH:CVE-2022-27666", "RH:CVE-2022-28356", "RH:CVE-2022-28388", "RH:CVE-2022-28389", "RH:CVE-2022-28390", "RH:CVE-2022-29582"]}, {"type": "redos", "idList": ["ROS-20220413-01", "ROS-20220919-01"]}, {"type": "rocky", "idList": ["RLSA-2022:1975", "RLSA-2022:1988", "RLSA-2022:5316", "RLSA-2022:5344", "RLSA-2022:7110", "RLSA-2022:7134", "RLSA-2022:7444", "RLSA-2022:7683"]}, {"type": "slackware", "idList": ["SSA-2022-129-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2022:0169-1", "OPENSUSE-SU-2022:0198-1", "OPENSUSE-SU-2022:0366-1", "OPENSUSE-SU-2022:1037-1", "OPENSUSE-SU-2022:1039-1", "OPENSUSE-SU-2022:2177-1", "SUSE-SU-2022:1163-1", "SUSE-SU-2022:1183-1", "SUSE-SU-2022:1256-1", "SUSE-SU-2022:1676-1", "SUSE-SU-2022:1687-1", "SUSE-SU-2022:2078-1", "SUSE-SU-2022:2079-1", "SUSE-SU-2022:2111-1", "SUSE-SU-2022:2520-1", "SUSE-SU-2022:2615-1", "SUSE-SU-2022:3288-1", "SUSE-SU-2022:3293-1"]}, {"type": "ubuntu", "idList": ["USN-5278-1", "USN-5337-1", "USN-5353-1", "USN-5357-1", "USN-5357-2", "USN-5358-1", "USN-5358-2", "USN-5368-1", "USN-5377-1", "USN-5381-1", "USN-5383-1", "USN-5390-1", "USN-5390-2", "USN-5413-1", "USN-5415-1", "USN-5416-1", "USN-5417-1", "USN-5418-1", "USN-5466-1", "USN-5467-1", "USN-5468-1", "USN-5469-1", "USN-5471-1", "USN-5493-1", "USN-5493-2", "USN-5500-1", "USN-5505-1", "USN-5513-1", "USN-5514-1", "USN-5515-1", "USN-5539-1", "USN-5541-1", "USN-5560-1", "USN-5560-2", "USN-5562-1", "USN-5582-1", "USN-5650-1", "USN-5856-1", "USN-6001-1", "USN-6013-1", "USN-6014-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-4197", "UB:CVE-2022-0168", "UB:CVE-2022-1016", "UB:CVE-2022-1048", "UB:CVE-2022-1158", "UB:CVE-2022-1195", "UB:CVE-2022-1198", "UB:CVE-2022-1199", "UB:CVE-2022-1204", "UB:CVE-2022-1205", "UB:CVE-2022-1353", "UB:CVE-2022-1516", "UB:CVE-2022-26490", "UB:CVE-2022-27666", "UB:CVE-2022-28356", "UB:CVE-2022-28388", "UB:CVE-2022-28389", "UB:CVE-2022-28390", "UB:CVE-2022-29582"]}, {"type": "veracode", "idList": ["VERACODE:35127", "VERACODE:35530", "VERACODE:35533", "VERACODE:36018", "VERACODE:36019", "VERACODE:36020", "VERACODE:36021", "VERACODE:36022", "VERACODE:36060", "VERACODE:36596", "VERACODE:37005", "VERACODE:39121", "VERACODE:39123", "VERACODE:39549"]}, {"type": "virtuozzo", "idList": ["VZA-2023-003"]}]}, "score": {"value": 1.0, "vector": "NONE"}, "epss": [{"cve": "CVE-2022-1199", "epss": "0.000870000", "percentile": "0.349810000", "modified": "2023-03-20"}, {"cve": "CVE-2022-1198", "epss": "0.000420000", "percentile": "0.056330000", "modified": "2023-03-20"}, {"cve": "CVE-2022-1158", "epss": "0.000420000", "percentile": "0.056330000", "modified": "2023-03-20"}, {"cve": "CVE-2022-1516", "epss": "0.000420000", "percentile": "0.056330000", "modified": "2023-03-20"}, {"cve": "CVE-2022-1353", "epss": "0.000420000", "percentile": "0.056330000", "modified": "2023-03-20"}, {"cve": "CVE-2022-28356", "epss": "0.000420000", "percentile": "0.056330000", "modified": "2023-03-20"}, {"cve": "CVE-2022-29582", "epss": "0.000420000", "percentile": "0.056330000", "modified": "2023-03-20"}, {"cve": "CVE-2022-1016", "epss": "0.000450000", "percentile": "0.121860000", "modified": "2023-03-20"}, {"cve": "CVE-2022-27666", "epss": "0.000420000", "percentile": "0.056330000", "modified": "2023-03-20"}, {"cve": "CVE-2022-26490", "epss": "0.000420000", "percentile": "0.056330000", "modified": "2023-03-20"}, {"cve": "CVE-2022-1048", "epss": "0.000420000", "percentile": "0.056330000", "modified": "2023-03-20"}, {"cve": "CVE-2022-1205", "epss": "0.000420000", "percentile": "0.056330000", "modified": "2023-03-20"}, {"cve": "CVE-2021-4197", "epss": "0.000430000", "percentile": "0.077540000", "modified": "2023-03-20"}, {"cve": "CVE-2022-28388", "epss": "0.000420000", "percentile": "0.056330000", "modified": "2023-03-20"}, {"cve": "CVE-2022-1195", "epss": "0.000420000", "percentile": "0.056330000", "modified": "2023-03-20"}, {"cve": "CVE-2022-28389", "epss": "0.000420000", "percentile": "0.056330000", "modified": "2023-03-20"}, {"cve": "CVE-2022-0168", "epss": "0.000420000", "percentile": "0.056330000", "modified": "2023-03-20"}, {"cve": "CVE-2022-1204", "epss": "0.000420000", "percentile": "0.056330000", "modified": "2023-03-20"}, {"cve": "CVE-2022-28390", "epss": "0.000420000", "percentile": "0.056330000", "modified": "2023-03-20"}], "vulnersScore": 1.0}, "_state": {"score": 1687936320, "dependencies": 1687935406, "affected_software_major_version": 0, "epss": 0}, "_internal": {"score_hash": "2eb9b91d43104daa4ae194eedc1b38e4"}, "affectedSoftware": [{"version": "5.10.103-1", "operator": "eq", "name": "linux"}, {"version": "5.10.103-1~bpo10+1", "operator": "eq", "name": "linux"}, {"version": "5.10.106-1", "operator": "eq", "name": "linux"}, {"version": "5.10.46-4", "operator": "eq", "name": "linux"}, {"version": "5.10.46-5", "operator": "eq", "name": "linux"}, {"version": "5.10.70-1", "operator": "eq", "name": "linux"}, {"version": "5.10.70-1~bpo10+1", "operator": "eq", "name": "linux"}, {"version": "5.10.84-1", "operator": "eq", "name": "linux"}, {"version": "5.10.92-1", "operator": "eq", "name": "linux"}, {"version": "5.10.92-1~bpo10+1", "operator": "eq", "name": "linux"}, {"version": "5.10.92-2", "operator": "eq", "name": "linux"}]}

{"nessus": [{"lastseen": "2023-05-18T14:46:12", "description": "The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5127 advisory.\n\n - An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1 versions of control groups. A local user could use this flaw to crash the system or escalate their privileges on the system. (CVE-2021-4197)\n\n - A use-after-free flaw was found in the Linux kernel's sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM for other ioctls. This flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2022-1048)\n\n - A use-after-free vulnerability was found in the Linux kernel in drivers/net/hamradio. This flaw allows a local attacker with a user privilege to cause a denial of service (DOS) when the mkiss or sixpack device is detached and reclaim resources early. (CVE-2022-1195)\n\n - A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information. (CVE-2022-1353)\n\n - st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters. (CVE-2022-26490)\n\n - A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat. (CVE-2022-27666)\n\n - In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c. (CVE-2022-28356)\n\n - usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double free. (CVE-2022-28388)\n\n - mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free. (CVE-2022-28389)\n\n - ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.\n (CVE-2022-28390)\n\n - In the Linux kernel before 5.17.3, fs/io_uring.c has a use-after-free due to a race condition in io_uring timeouts. This can be triggered by a local user who has no access to any user namespace; however, the race condition perhaps can only be exploited infrequently. (CVE-2022-29582)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-05-03T00:00:00", "type": "nessus", "title": "Debian DSA-5127-1 : linux - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4197", "CVE-2022-0168", "CVE-2022-1016", "CVE-2022-1048", "CVE-2022-1158", "CVE-2022-1195", "CVE-2022-1198", "CVE-2022-1199", "CVE-2022-1204", "CVE-2022-1205", "CVE-2022-1353", "CVE-2022-1516", "CVE-2022-26490", "CVE-2022-27666", "CVE-2022-28356", "CVE-2022-28388", "CVE-2022-28389", "CVE-2022-28390", "CVE-2022-29582"], "modified": "2023-03-23T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:affs-modules-5.10.0-10-4kc-malta-di", "p-cpe:/a:debian:debian_linux:affs-modules-5.10.0-10-5kc-malta-di", "p-cpe:/a:debian:debian_linux:affs-modules-5.10.0-10-loongson-3-di", "p-cpe:/a:debian:debian_linux:affs-modules-5.10.0-10-octeon-di", "p-cpe:/a:debian:debian_linux:affs-modules-5.10.0-13-4kc-malta-di", "p-cpe:/a:debian:debian_linux:affs-modules-5.10.0-13-5kc-malta-di", "p-cpe:/a:debian:debian_linux:affs-modules-5.10.0-13-loongson-3-di", "p-cpe:/a:debian:debian_linux:affs-modules-5.10.0-13-octeon-di", "p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-10-4kc-malta-di", "p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-10-5kc-malta-di", "p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-10-armmdi", "p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-10-loongson-3-di", "p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-10-powerpc64le-di", "p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-13-4kc-malta-di", "p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-13-5kc-malta-di", "p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-13-armmdi", "p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-13-loongson-3-di", "p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-13-powerpc64le-di", "p-cpe:/a:debian:debian_linux:bpftool", "p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-10-4kc-malta-di", "p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-10-5kc-malta-di", "p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-10-armmdi", "p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-10-loongson-3-di", "p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-10-powerpc64le-di", "p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-10-marvell-di", "p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-10-s390x-di", "p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-10-octeon-di", "p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-13-4kc-malta-di", "p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-13-5kc-malta-di", "p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-13-armmdi", "p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-13-loongson-3-di", "p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-10-powerpc64le-di", "p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-13-marvell-di", "p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-13-octeon-di", "p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-10-s390x-di", "p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-13-powerpc64le-di", "p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-13-s390x-di", "p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-13-4kc-malta-di", "p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-10-4kc-malta-di", "p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-10-5kc-malta-di", "p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-13-5kc-malta-di", "p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-10-armmdi", "p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-13-armmdi", "p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-10-loongson-3-di", "p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-10-marvell-di", "p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-13-loongson-3-di", "p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-10-octeon-di", "p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-10-powerpc64le-di", "p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-13-marvell-di", "p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-10-s390x-di", "p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-13-octeon-di", "p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-13-4kc-malta-di", "p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-13-5kc-malta-di", "p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-13-armmdi", "p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-13-loongson-3-di", "p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-13-powerpc64le-di", "p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-13-marvell-di", "p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-13-octeon-di", "p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-13-s390x-di", "p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-13-powerpc64le-di", "p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-10-4kc-malta-di", "p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-13-s390x-di", "p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-10-5kc-malta-di", "p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-10-4kc-malta-di", "p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-10-5kc-malta-di", "p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-10-armmdi", "p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-10-armmdi", "p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-10-loongson-3-di", "p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-10-loongson-3-di", "p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-10-marvell-di", "p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-10-marvell-di", "p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-10-octeon-di", "p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-10-octeon-di", "p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-10-powerpc64le-di", "p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-10-powerpc64le-di", "p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-10-s390x-di", "p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-13-4kc-malta-di", "p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-10-s390x-di", "p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-13-5kc-malta-di", "p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-13-armmdi", "p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-13-loongson-3-di", "p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-13-marvell-di", "p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-13-octeon-di", "p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-13-4kc-malta-di", "p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-13-powerpc64le-di", "p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-13-5kc-malta-di", "p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-13-s390x-di", "p-cpe:/a:debian:debian_linux:dasd-extra-modules-5.10.0-10-s390x-di", "p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-13-armmdi", "p-cpe:/a:debian:debian_linux:dasd-extra-modules-5.10.0-13-s390x-di", "p-cpe:/a:debian:debian_linux:dasd-modules-5.10.0-10-s390x-di", "p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-13-loongson-3-di", "p-cpe:/a:debian:debian_linux:dasd-modules-5.10.0-13-s390x-di", "p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-13-marvell-di", "p-cpe:/a:debian:debian_linux:efi-modules-5.10.0-10-armmdi", "p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-13-octeon-di", "p-cpe:/a:debian:debian_linux:efi-modules-5.10.0-13-armmdi", "p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-13-powerpc64le-di", "p-cpe:/a:debian:debian_linux:event-modules-5.10.0-10-4kc-malta-di", "p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-13-s390x-di", "p-cpe:/a:debian:debian_linux:event-modules-5.10.0-10-5kc-malta-di", "p-cpe:/a:debian:debian_linux:event-modules-5.10.0-10-armmdi", "p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-10-4kc-malta-di", "p-cpe:/a:debian:debian_linux:event-modules-5.10.0-10-loongson-3-di", "p-cpe:/a:debian:debian_linux:event-modules-5.10.0-10-marvell-di", "p-cpe:/a:debian:debian_linux:event-modules-5.10.0-10-octeon-di", "p-cpe:/a:debian:debian_linux:event-modules-5.10.0-10-powerpc64le-di", "p-cpe:/a:debian:debian_linux:event-modules-5.10.0-13-4kc-malta-di", "p-cpe:/a:debian:debian_linux:event-modules-5.10.0-13-5kc-malta-di", "p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-10-5kc-malta-di", "p-cpe:/a:debian:debian_linux:event-modules-5.10.0-13-armmdi", "p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-10-armmdi", "p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-10-loongson-3-di", "p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-10-marvell-di", "p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-10-octeon-di", "p-cpe:/a:debian:debian_linux:event-modules-5.10.0-13-loongson-3-di", "p-cpe:/a:debian:debian_linux:event-modules-5.10.0-13-marvell-di", "p-cpe:/a:debian:debian_linux:event-modules-5.10.0-13-octeon-di", "p-cpe:/a:debian:debian_linux:event-modules-5.10.0-13-powerpc64le-di", "p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-10-4kc-malta-di", "p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-10-5kc-malta-di", "p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-10-armmdi", "p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-10-loongson-3-di", "p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-10-marvell-di", "p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-10-octeon-di", "p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-10-powerpc64le-di", "p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-10-s390x-di", "p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-13-4kc-malta-di", "p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-10-5kc-malta-di", "p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-13-5kc-malta-di", "p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-10-armmdi", "p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-13-armmdi", "p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-13-loongson-3-di", "p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-10-loongson-3-di", "p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-13-marvell-di", "p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-13-octeon-di", "p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-10-marvell-di", "p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-13-powerpc64le-di", "p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-10-octeon-di", "p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-13-s390x-di", "p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-10-4kc-malta-di", "p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-10-powerpc64le-di", "p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-10-armmdi", "p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-10-s390x-di", "p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-10-loongson-3-di", "p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-13-4kc-malta-di", "p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-10-marvell-di", "p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-10-octeon-di", "p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-10-powerpc64le-di", "p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-10-s390x-di", "p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-13-5kc-malta-di", "p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-13-4kc-malta-di", "p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-13-armmdi", "p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-13-5kc-malta-di", "p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-13-armmdi", "p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-13-loongson-3-di", "p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-13-loongson-3-di", "p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-13-marvell-di", "p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-13-marvell-di", "p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-13-octeon-di", "p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-13-powerpc64le-di", "p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-13-octeon-di", "p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-13-s390x-di", "p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-10-4kc-malta-di", "p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-13-powerpc64le-di", "p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-10-5kc-malta-di", "p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-13-s390x-di", "p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-10-armmdi", "p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-10-loongson-3-di", "p-cpe:/a:debian:debian_linux:fancontrol-modules-5.10.0-10-powerpc64le-di", "p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-10-marvell-di", "p-cpe:/a:debian:debian_linux:fancontrol-modules-5.10.0-13-powerpc64le-di", "p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-10-powerpc64le-di", "p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-13-4kc-malta-di", "p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-13-5kc-malta-di", "p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-13-armmdi", "p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-13-loongson-3-di", "p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-10-4kc-malta-di", "p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-13-marvell-di", "p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-10-5kc-malta-di", "p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-13-powerpc64le-di", "p-cpe:/a:debian:debian_linux:firewire-core-modules-5.10.0-10-loongson-3-di", "p-cpe:/a:debian:debian_linux:firewire-core-modules-5.10.0-10-powerpc64le-di", "p-cpe:/a:debian:debian_linux:firewire-core-modules-5.10.0-13-loongson-3-di", "p-cpe:/a:debian:debian_linux:firewire-core-modules-5.10.0-13-powerpc64le-di", "p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-10-4kc-malta-di", "p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-10-5kc-malta-di", "p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-10-armmdi", "p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-10-loongson-3-di", "p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-10-marvell-di", "p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-10-octeon-di", "p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-10-powerpc64le-di", "p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-10-s390x-di", "p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-13-4kc-malta-di", "p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-13-5kc-malta-di", "p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-13-armmdi", "p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-13-loongson-3-di", "p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-13-marvell-di", "p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-13-octeon-di", "p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-13-powerpc64le-di", "p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-13-s390x-di", "p-cpe:/a:debian:debian_linux:input-modules-5.10.0-13-4kc-malta-di", "p-cpe:/a:debian:debian_linux:hyperv-daemons", "p-cpe:/a:debian:debian_linux:input-modules-5.10.0-13-5kc-malta-di", "p-cpe:/a:debian:debian_linux:hypervisor-modules-5.10.0-10-powerpc64le-di", "p-cpe:/a:debian:debian_linux:hypervisor-modules-5.10.0-13-powerpc64le-di", "p-cpe:/a:debian:debian_linux:input-modules-5.10.0-13-armmdi", "p-cpe:/a:debian:debian_linux:i2c-modules-5.10.0-10-4kc-malta-di", "p-cpe:/a:debian:debian_linux:i2c-modules-5.10.0-10-5kc-malta-di", "p-cpe:/a:debian:debian_linux:input-modules-5.10.0-13-loongson-3-di", "p-cpe:/a:debian:debian_linux:i2c-modules-5.10.0-10-armmdi", "p-cpe:/a:debian:debian_linux:input-modules-5.10.0-13-marvell-di", "p-cpe:/a:debian:debian_linux:i2c-modules-5.10.0-10-powerpc64le-di", "p-cpe:/a:debian:debian_linux:i2c-modules-5.10.0-13-4kc-malta-di", "p-cpe:/a:debian:debian_linux:input-modules-5.10.0-13-octeon-di", "p-cpe:/a:debian:debian_linux:i2c-modules-5.10.0-13-5kc-malta-di", "p-cpe:/a:debian:debian_linux:input-modules-5.10.0-13-powerpc64le-di", "p-cpe:/a:debian:debian_linux:i2c-modules-5.10.0-13-armmdi", "p-cpe:/a:debian:debian_linux:i2c-modules-5.10.0-13-powerpc64le-di", "p-cpe:/a:debian:debian_linux:input-modules-5.10.0-10-4kc-malta-di", "p-cpe:/a:debian:debian_linux:ipv6-modules-5.10.0-10-marvell-di", "p-cpe:/a:debian:debian_linux:input-modules-5.10.0-10-5kc-malta-di", "p-cpe:/a:debian:debian_linux:input-modules-5.10.0-10-armmdi", "p-cpe:/a:debian:debian_linux:ipv6-modules-5.10.0-13-marvell-di", "p-cpe:/a:debian:debian_linux:input-modules-5.10.0-10-loongson-3-di", "p-cpe:/a:debian:debian_linux:input-modules-5.10.0-10-marvell-di", "p-cpe:/a:debian:debian_linux:input-modules-5.10.0-10-octeon-di", "p-cpe:/a:debian:debian_linux:input-modules-5.10.0-10-powerpc64le-di", "p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-10-4kc-malta-di", "p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-10-5kc-malta-di", "p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-10-5kc-malta-di", "p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-10-armmdi", "p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-10-armmdi", "p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-10-loongson-3-di", "p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-10-marvell-di", "p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-10-loongson-3-di", "p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-10-octeon-di", "p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-10-marvell-di", "p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-10-powerpc64le-di", "p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-10-octeon-di", "p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-13-4kc-malta-di", "p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-13-5kc-malta-di", "p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-10-powerpc64le-di", "p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-13-armmdi", "p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-13-loongson-3-di", "p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-10-s390x-di", "p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-13-marvell-di", "p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-13-octeon-di", "p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-13-4kc-malta-di", "p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-13-powerpc64le-di", "p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-10-4kc-malta-di", "p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-10-5kc-malta-di", "p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-10-armmdi", "p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-13-5kc-malta-di", "p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-10-loongson-3-di", "p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-10-marvell-di", "p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-13-armmdi", "p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-10-octeon-di", "p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-13-loongson-3-di", "p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-10-powerpc64le-di", "p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-10-s390x-di", "p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-13-marvell-di", "p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-13-4kc-malta-di", "p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-13-octeon-di", "p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-13-5kc-malta-di", "p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-13-armmdi", "p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-13-powerpc64le-di", "p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-13-loongson-3-di", "p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-13-marvell-di", "p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-13-s390x-di", "p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-13-octeon-di", "p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-13-powerpc64le-di", "p-cpe:/a:debian:debian_linux:jffs2-modules-5.10.0-10-marvell-di", "p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-13-s390x-di", "p-cpe:/a:debian:debian_linux:leds-modules-5.10.0-10-armmdi", "p-cpe:/a:debian:debian_linux:jffs2-modules-5.10.0-13-marvell-di", "p-cpe:/a:debian:debian_linux:leds-modules-5.10.0-10-marvell-di", "p-cpe:/a:debian:debian_linux:leds-modules-5.10.0-13-armmdi", "p-cpe:/a:debian:debian_linux:leds-modules-5.10.0-13-marvell-di", "p-cpe:/a:debian:debian_linux:libcpupower-dev", "p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-10-4kc-malta-di", "p-cpe:/a:debian:debian_linux:libcpupower1", "p-cpe:/a:debian:debian_linux:linux-compiler-gcc-10-x86", "p-cpe:/a:debian:debian_linux:linux-compiler-gcc-10-arm", "p-cpe:/a:debian:debian_linux:linux-compiler-gcc-10-s390", "p-cpe:/a:debian:debian_linux:linux-config-5.10", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-4kc-malta-dbg", "p-cpe:/a:debian:debian_linux:linux-cpupower", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-5kc-malta", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-5kc-malta-dbg", "p-cpe:/a:debian:debian_linux:linux-doc", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-686-dbg", "p-cpe:/a:debian:debian_linux:linux-doc-5.10", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-686-pae-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-686-pae-unsigned", "p-cpe:/a:debian:debian_linux:linux-headers-4kc-malta", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-686-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-amd64-unsigned", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-10-4kc-malta", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-arm64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-arm64-unsigned", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-10-5kc-malta", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-armmdbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-armmlpae", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-armmlpae-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-armmp", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-cloud-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-10-686", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-cloud-amd64-unsigned", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-10-686-pae", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-cloud-arm64-dbg", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-10-amd64", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-cloud-arm64-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-loongson-3", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-10-arm64", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-loongson-3-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-marvell", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-10-armmlpae", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-marvell-dbg", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-10-armmp", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-octeon", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-octeon-dbg", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-10-cloud-amd64", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-powerpc64le", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-powerpc64le-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-rpi", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-10-cloud-arm64", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-rpi-dbg", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-10-common", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-rt-686-pae-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-rt-686-pae-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-rt-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-rt-amd64-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-rt-arm64-dbg", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-10-common-rt", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-rt-arm64-unsigned", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-10-loongson-3", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-rt-armmdbg", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-10-marvell", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-rt-armmp", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-s390x", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-10-octeon", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-s390x-dbg", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-10-powerpc64le", "p-cpe:/a:debian:debian_linux:linux-image-5kc-malta", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-10-rpi", "p-cpe:/a:debian:debian_linux:linux-image-5kc-malta-dbg", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-10-rt-686-pae", "p-cpe:/a:debian:debian_linux:linux-image-686-dbg", "p-cpe:/a:debian:debian_linux:linux-image-686-pae-dbg", "p-cpe:/a:debian:debian_linux:linux-image-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-10-rt-amd64", "p-cpe:/a:debian:debian_linux:linux-image-amd64-signed-template", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-10-rt-arm64", "p-cpe:/a:debian:debian_linux:linux-image-arm64-dbg", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-10-rt-armmp", "p-cpe:/a:debian:debian_linux:linux-image-arm64-signed-template", "p-cpe:/a:debian:debian_linux:linux-image-armmdbg", "p-cpe:/a:debian:debian_linux:linux-image-armmlpae", "p-cpe:/a:debian:debian_linux:linux-image-armmlpae-dbg", "p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-10-s390x", "p-cpe:/a:debian:debian_linux:linux-image-armmp", "p-cpe:/a:debian:debian_linux:linux-headers-5kc-malta", "p-cpe:/a:debian:debian_linux:linux-image-cloud-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-cloud-arm64-dbg", "p-cpe:/a:debian:debian_linux:linux-headers-armmlpae", "p-cpe:/a:debian:debian_linux:linux-image-i386-signed-template", "p-cpe:/a:debian:debian_linux:linux-headers-armmp", "p-cpe:/a:debian:debian_linux:linux-image-loongson-3", "p-cpe:/a:debian:debian_linux:linux-headers-loongson-3", "p-cpe:/a:debian:debian_linux:linux-headers-marvell", "p-cpe:/a:debian:debian_linux:linux-headers-octeon", "p-cpe:/a:debian:debian_linux:linux-headers-powerpc64le", "p-cpe:/a:debian:debian_linux:linux-headers-rpi", "p-cpe:/a:debian:debian_linux:linux-headers-rt-armmp", "p-cpe:/a:debian:debian_linux:linux-headers-s390x", "p-cpe:/a:debian:debian_linux:linux-image-4kc-malta", "p-cpe:/a:debian:debian_linux:linux-image-4kc-malta-dbg", "p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-4kc-malta", "p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-10-marvell-di", "p-cpe:/a:debian:debian_linux:linux-libc-dev", "p-cpe:/a:debian:debian_linux:linux-perf", "p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-10-powerpc64le-di", "p-cpe:/a:debian:debian_linux:linux-perf-5.10", "p-cpe:/a:debian:debian_linux:linux-source", "p-cpe:/a:debian:debian_linux:linux-source-5.10", "p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-10-s390x-di", "p-cpe:/a:debian:debian_linux:linux-support-5.10.0-10", "p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-13-4kc-malta-di", "p-cpe:/a:debian:debian_linux:loomodules-5.10.0-10-4kc-malta-di", "p-cpe:/a:debian:debian_linux:loomodules-5.10.0-10-5kc-malta-di", "p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-13-5kc-malta-di", "p-cpe:/a:debian:debian_linux:loomodules-5.10.0-10-armmdi", "p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-13-loongson-3-di", "p-cpe:/a:debian:debian_linux:loomodules-5.10.0-10-loongson-3-di", "p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-13-marvell-di", "p-cpe:/a:debian:debian_linux:loomodules-5.10.0-10-marvell-di", "p-cpe:/a:debian:debian_linux:loomodules-5.10.0-10-octeon-di", "p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-13-powerpc64le-di", "p-cpe:/a:debian:debian_linux:loomodules-5.10.0-10-powerpc64le-di", "p-cpe:/a:debian:debian_linux:loomodules-5.10.0-10-s390x-di", "p-cpe:/a:debian:debian_linux:loomodules-5.10.0-13-4kc-malta-di", "p-cpe:/a:debian:debian_linux:loomodules-5.10.0-13-5kc-malta-di", "p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-13-s390x-di", "p-cpe:/a:debian:debian_linux:loomodules-5.10.0-13-armmdi", "p-cpe:/a:debian:debian_linux:loomodules-5.10.0-13-loongson-3-di", "p-cpe:/a:debian:debian_linux:mtd-modules-5.10.0-10-armmdi", "p-cpe:/a:debian:debian_linux:loomodules-5.10.0-13-marvell-di", "p-cpe:/a:debian:debian_linux:loomodules-5.10.0-13-octeon-di", "p-cpe:/a:debian:debian_linux:mtd-modules-5.10.0-10-marvell-di", "p-cpe:/a:debian:debian_linux:loomodules-5.10.0-13-powerpc64le-di", "p-cpe:/a:debian:debian_linux:loomodules-5.10.0-13-s390x-di", "p-cpe:/a:debian:debian_linux:mtd-modules-5.10.0-13-armmdi", "p-cpe:/a:debian:debian_linux:md-modules-5.10.0-10-4kc-malta-di", "p-cpe:/a:debian:debian_linux:mtd-modules-5.10.0-13-marvell-di", "p-cpe:/a:debian:debian_linux:md-modules-5.10.0-10-5kc-malta-di", "p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-10-4kc-malta-di", "p-cpe:/a:debian:debian_linux:md-modules-5.10.0-10-armmdi", "p-cpe:/a:debian:debian_linux:md-modules-5.10.0-10-loongson-3-di", "p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-10-5kc-malta-di", "p-cpe:/a:debian:debian_linux:md-modules-5.10.0-10-marvell-di", "p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-10-armmdi", "p-cpe:/a:debian:debian_linux:md-modules-5.10.0-10-octeon-di", "p-cpe:/a:debian:debian_linux:md-modules-5.10.0-10-powerpc64le-di", "p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-10-loongson-3-di", "p-cpe:/a:debian:debian_linux:md-modules-5.10.0-10-s390x-di", "p-cpe:/a:debian:debian_linux:md-modules-5.10.0-13-4kc-malta-di", "p-cpe:/a:debian:debian_linux:md-modules-5.10.0-13-5kc-malta-di", "p-cpe:/a:debian:debian_linux:md-modules-5.10.0-13-armmdi", "p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-10-marvell-di", "p-cpe:/a:debian:debian_linux:md-modules-5.10.0-13-loongson-3-di", "p-cpe:/a:debian:debian_linux:md-modules-5.10.0-13-marvell-di", "p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-10-octeon-di", "p-cpe:/a:debian:debian_linux:md-modules-5.10.0-13-octeon-di", "p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-10-powerpc64le-di", "p-cpe:/a:debian:debian_linux:md-modules-5.10.0-13-powerpc64le-di", "p-cpe:/a:debian:debian_linux:md-modules-5.10.0-13-s390x-di", "p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-10-4kc-malta-di", "p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-10-s390x-di", "p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-10-5kc-malta-di", "p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-13-4kc-malta-di", "p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-10-loongson-3-di", "p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-10-marvell-di", "p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-13-5kc-malta-di", "p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-10-octeon-di", "p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-13-armmdi", "p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-13-4kc-malta-di", "p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-13-5kc-malta-di", "p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-13-loongson-3-di", "p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-13-loongson-3-di", "p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-13-marvell-di", "p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-13-marvell-di", "p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-13-octeon-di", "p-cpe:/a:debian:debian_linux:mmc-core-modules-5.10.0-10-4kc-malta-di", "p-cpe:/a:debian:debian_linux:mmc-core-modules-5.10.0-10-5kc-malta-di", "p-cpe:/a:debian:debian_linux:mmc-core-modules-5.10.0-10-marvell-di", "p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-13-octeon-di", "p-cpe:/a:debian:debian_linux:mmc-core-modules-5.10.0-13-4kc-malta-di", "p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-13-powerpc64le-di", "p-cpe:/a:debian:debian_linux:mmc-core-modules-5.10.0-13-5kc-malta-di", "p-cpe:/a:debian:debian_linux:mmc-core-modules-5.10.0-13-marvell-di", "p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-13-s390x-di", "p-cpe:/a:debian:debian_linux:mmc-modules-5.10.0-10-4kc-malta-di", "p-cpe:/a:debian:debian_linux:mmc-modules-5.10.0-10-5kc-malta-di", "p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-10-4kc-malta-di", "p-cpe:/a:debian:debian_linux:mmc-modules-5.10.0-10-armmdi", "p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-10-5kc-malta-di", "p-cpe:/a:debian:debian_linux:mmc-modules-5.10.0-10-marvell-di", "p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-10-armmdi", "p-cpe:/a:debian:debian_linux:mmc-modules-5.10.0-13-4kc-malta-di", "p-cpe:/a:debian:debian_linux:mmc-modules-5.10.0-13-5kc-malta-di", "p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-10-loongson-3-di", "p-cpe:/a:debian:debian_linux:mmc-modules-5.10.0-13-armmdi", "p-cpe:/a:debian:debian_linux:mmc-modules-5.10.0-13-marvell-di", "p-cpe:/a:debian:debian_linux:mouse-modules-5.10.0-10-4kc-malta-di", "p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-10-marvell-di", "p-cpe:/a:debian:debian_linux:mouse-modules-5.10.0-10-5kc-malta-di", "p-cpe:/a:debian:debian_linux:mouse-modules-5.10.0-10-marvell-di", "p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-10-octeon-di", "p-cpe:/a:debian:debian_linux:mouse-modules-5.10.0-10-powerpc64le-di", "p-cpe:/a:debian:debian_linux:mouse-modules-5.10.0-13-4kc-malta-di", "p-cpe:/a:debian:debian_linux:mouse-modules-5.10.0-13-5kc-malta-di", "p-cpe:/a:debian:debian_linux:mouse-modules-5.10.0-13-marvell-di", "p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-10-powerpc64le-di", "p-cpe:/a:debian:debian_linux:mouse-modules-5.10.0-13-powerpc64le-di", "p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-10-s390x-di", "p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-10-4kc-malta-di", "p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-13-4kc-malta-di", "p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-10-5kc-malta-di", "p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-10-loongson-3-di", "p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-13-5kc-malta-di", "p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-13-5kc-malta-di", "p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-13-armmdi", "p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-13-armmdi", "p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-13-loongson-3-di", "p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-13-loongson-3-di", "p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-13-marvell-di", "p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-13-marvell-di", "p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-13-octeon-di", "p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-13-octeon-di", "p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-13-powerpc64le-di", "p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-13-powerpc64le-di", "p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-13-s390x-di", "p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-10-4kc-malta-di", "p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-13-s390x-di", "p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-10-5kc-malta-di", "p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-10-armmdi", "p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-10-loongson-3-di", "p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-10-marvell-di", "p-cpe:/a:debian:debian_linux:nfs-modules-5.10.0-10-loongson-3-di", "p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-10-octeon-di", "p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-10-powerpc64le-di", "p-cpe:/a:debian:debian_linux:nfs-modules-5.10.0-13-loongson-3-di", "p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-13-4kc-malta-di", "p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-10-4kc-malta-di", "p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-13-5kc-malta-di", "p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-13-armmdi", "p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-10-5kc-malta-di", "p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-13-loongson-3-di", "p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-10-armmdi", "p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-13-marvell-di", "p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-13-octeon-di", "p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-10-loongson-3-di", "p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-13-powerpc64le-di", "p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-10-marvell-di", "p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-10-4kc-malta-di", "p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-10-5kc-malta-di", "p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-10-octeon-di", "p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-10-armmdi", "p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-10-powerpc64le-di", "p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-10-loongson-3-di", "p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-10-marvell-di", "p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-10-octeon-di", "p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-10-powerpc64le-di", "p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-13-4kc-malta-di", "p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-10-s390x-di", "p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-13-5kc-malta-di", "p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-13-4kc-malta-di", "p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-13-armmdi", "p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-13-powerpc64le-di", "p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-13-loongson-3-di", "p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-13-marvell-di", "p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-10-4kc-malta-di", "p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-13-octeon-di", "p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-10-5kc-malta-di", "p-cpe:/a:debian:debian_linux:ppmodules-5.10.0-10-marvell-di", "p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-10-armmdi", "p-cpe:/a:debian:debian_linux:ppmodules-5.10.0-10-octeon-di", "p-cpe:/a:debian:debian_linux:ppmodules-5.10.0-10-powerpc64le-di", "p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-10-loongson-3-di", "p-cpe:/a:debian:debian_linux:ppmodules-5.10.0-13-4kc-malta-di", "p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-10-octeon-di", "p-cpe:/a:debian:debian_linux:ppmodules-5.10.0-13-5kc-malta-di", "p-cpe:/a:debian:debian_linux:ppmodules-5.10.0-13-armmdi", "p-cpe:/a:debian:debian_linux:ppmodules-5.10.0-13-loongson-3-di", "p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-10-powerpc64le-di", "p-cpe:/a:debian:debian_linux:ppmodules-5.10.0-13-marvell-di", "p-cpe:/a:debian:debian_linux:ppmodules-5.10.0-13-octeon-di", "p-cpe:/a:debian:debian_linux:ppmodules-5.10.0-13-powerpc64le-di", "p-cpe:/a:debian:debian_linux:rtc-modules-5.10.0-10-octeon-di", "p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-13-4kc-malta-di", "p-cpe:/a:debian:debian_linux:rtc-modules-5.10.0-13-octeon-di", "p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-13-5kc-malta-di", "p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-10-4kc-malta-di", "p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-13-armmdi", "p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-10-5kc-malta-di", "p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-10-armmdi", "p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-13-loongson-3-di", "p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-10-loongson-3-di", "p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-13-octeon-di", "p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-10-marvell-di", "p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-13-powerpc64le-di", "p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-10-octeon-di", "p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-10-powerpc64le-di", "p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-10-4kc-malta-di", "p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-13-4kc-malta-di", "p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-10-5kc-malta-di", "p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-13-5kc-malta-di", "p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-13-armmdi", "p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-13-loongson-3-di", "p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-10-armmdi", "p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-13-marvell-di", "p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-13-octeon-di", "p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-13-powerpc64le-di", "p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-10-4kc-malta-di", "p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-10-loongson-3-di", "p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-10-5kc-malta-di", "p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-10-armmdi", "p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-10-octeon-di", "p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-10-loongson-3-di", "p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-13-4kc-malta-di", "p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-10-marvell-di", "p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-13-5kc-malta-di", "p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-10-octeon-di", "p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-10-powerpc64le-di", "p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-13-armmdi", "p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-10-s390x-di", "p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-13-4kc-malta-di", "p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-13-loongson-3-di", "p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-13-5kc-malta-di", "p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-13-octeon-di", "p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-13-armmdi", "p-cpe:/a:debian:debian_linux:ppmodules-5.10.0-10-4kc-malta-di", "p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-13-loongson-3-di", "p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-13-marvell-di", "p-cpe:/a:debian:debian_linux:ppmodules-5.10.0-10-5kc-malta-di", "p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-13-octeon-di", "p-cpe:/a:debian:debian_linux:ppmodules-5.10.0-10-armmdi", "p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-13-powerpc64le-di", "p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-13-s390x-di", "p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-10-4kc-malta-di", "p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-10-5kc-malta-di", "p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-10-armmdi", "p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-10-loongson-3-di", "p-cpe:/a:debian:debian_linux:ppmodules-5.10.0-10-loongson-3-di", "p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-10-octeon-di", "p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-10-octeon-di", "p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-10-powerpc64le-di", "p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-10-s390x-di", "p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-10-powerpc64le-di", "p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-13-4kc-malta-di", "p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-13-5kc-malta-di", "p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-13-4kc-malta-di", "p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-13-armmdi", "p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-13-5kc-malta-di", "p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-13-loongson-3-di", "p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-13-octeon-di", "p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-13-armmdi", "p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-13-powerpc64le-di", "p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-13-s390x-di", "p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-13-loongson-3-di", "p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-10-4kc-malta-di", "p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-13-octeon-di", "p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-10-5kc-malta-di", "p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-10-armmdi", "p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-10-loongson-3-di", "p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-10-armmdi", "p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-10-loongson-3-di", "p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-13-powerpc64le-di", "p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-10-marvell-di", "p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-10-octeon-di", "p-cpe:/a:debian:debian_linux:serial-modules-5.10.0-10-powerpc64le-di", "p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-10-powerpc64le-di", "p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-13-4kc-malta-di", "p-cpe:/a:debian:debian_linux:serial-modules-5.10.0-13-powerpc64le-di", "p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-13-5kc-malta-di", "p-cpe:/a:debian:debian_linux:sound-modules-5.10.0-10-4kc-malta-di", "p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-13-armmdi", "p-cpe:/a:debian:debian_linux:sound-modules-5.10.0-10-5kc-malta-di", "p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-13-loongson-3-di", "p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-13-marvell-di", "p-cpe:/a:debian:debian_linux:sound-modules-5.10.0-10-loongson-3-di", "p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-13-octeon-di", "p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-13-powerpc64le-di", "p-cpe:/a:debian:debian_linux:sound-modules-5.10.0-10-octeon-di", "p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-10-4kc-malta-di", "p-cpe:/a:debian:debian_linux:sound-modules-5.10.0-13-4kc-malta-di", "p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-10-5kc-malta-di", "p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-10-armmdi", "p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-10-loongson-3-di", "p-cpe:/a:debian:debian_linux:sound-modules-5.10.0-13-5kc-malta-di", "p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-10-marvell-di", "p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-10-octeon-di", "p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-10-powerpc64le-di", "p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-10-s390x-di", "p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-13-4kc-malta-di", "p-cpe:/a:debian:debian_linux:sound-modules-5.10.0-13-loongson-3-di", "p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-13-5kc-malta-di", "p-cpe:/a:debian:debian_linux:sound-modules-5.10.0-13-octeon-di", "p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-13-armmdi", "p-cpe:/a:debian:debian_linux:speakumodules-5.10.0-10-loongson-3-di", "p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-13-loongson-3-di", "p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-13-marvell-di", "p-cpe:/a:debian:debian_linux:speakumodules-5.10.0-13-loongson-3-di", "p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-13-octeon-di", "p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-13-powerpc64le-di", "p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-10-4kc-malta-di", "p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-13-s390x-di", "p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-10-5kc-malta-di", "p-cpe:/a:debian:debian_linux:uinput-modules-5.10.0-10-armmdi", "p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-13-armmdi", "p-cpe:/a:debian:debian_linux:uinput-modules-5.10.0-10-marvell-di", "p-cpe:/a:debian:debian_linux:uinput-modules-5.10.0-10-powerpc64le-di", "p-cpe:/a:debian:debian_linux:uinput-modules-5.10.0-13-armmdi", "p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-13-loongson-3-di", "p-cpe:/a:debian:debian_linux:uinput-modules-5.10.0-13-marvell-di", "p-cpe:/a:debian:debian_linux:uinput-modules-5.10.0-13-powerpc64le-di", "p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-13-marvell-di", "p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-10-4kc-malta-di", "p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-10-5kc-malta-di", "p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-10-armmdi", "p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-10-loongson-3-di", "p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-13-octeon-di", "p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-10-marvell-di", "p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-10-octeon-di", "p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-13-powerpc64le-di", "p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-10-powerpc64le-di", "p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-10-4kc-malta-di", "p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-13-4kc-malta-di", "p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-13-5kc-malta-di", "p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-10-5kc-malta-di", "p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-13-armmdi", "p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-10-armmdi", "p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-13-loongson-3-di", "p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-13-marvell-di", "p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-10-loongson-3-di", "p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-13-octeon-di", "p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-13-powerpc64le-di", "p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-10-marvell-di", "p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-10-4kc-malta-di", "p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-10-octeon-di", "p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-10-5kc-malta-di", "p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-10-armmdi", "p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-10-powerpc64le-di", "p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-10-loongson-3-di", "p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-10-marvell-di", "p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-10-octeon-di", "p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-10-powerpc64le-di", "p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-13-4kc-malta-di", "p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-13-4kc-malta-di", "p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-13-5kc-malta-di", "p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-13-5kc-malta-di", "p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-13-powerpc64le-di", "p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-13-s390x-di", "p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-13-armmdi", "cpe:/o:debian:debian_linux:11.0", "p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-13-loongson-3-di", "p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-13-marvell-di", "p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-13-octeon-di", "p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-13-powerpc64le-di", "p-cpe:/a:debian:debian_linux:usbip", "p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-10-4kc-malta-di", "p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-10-5kc-malta-di", "p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-10-loongson-3-di", "p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-10-octeon-di", "p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-10-powerpc64le-di", "p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-10-s390x-di", "p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-13-4kc-malta-di", "p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-13-5kc-malta-di", "p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-13-loongson-3-di", "p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-13-octeon-di", "p-cpe:/a:debian:debian_linux:linux-image-loongson-3-dbg", "p-cpe:/a:debian:debian_linux:linux-image-marvell", "p-cpe:/a:debian:debian_linux:linux-image-marvell-dbg", "p-cpe:/a:debian:debian_linux:linux-image-octeon", "p-cpe:/a:debian:debian_linux:linux-image-octeon-dbg", "p-cpe:/a:debian:debian_linux:linux-image-powerpc64le", "p-cpe:/a:debian:debian_linux:linux-image-powerpc64le-dbg", "p-cpe:/a:debian:debian_linux:linux-image-rpi", "p-cpe:/a:debian:debian_linux:linux-image-rpi-dbg", "p-cpe:/a:debian:debian_linux:linux-image-rt-686-pae-dbg", "p-cpe:/a:debian:debian_linux:linux-image-rt-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-rt-arm64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-rt-armmdbg", "p-cpe:/a:debian:debian_linux:linux-image-rt-armmp", "p-cpe:/a:debian:debian_linux:linux-image-s390x", "p-cpe:/a:debian:debian_linux:linux-image-s390x-dbg", "p-cpe:/a:debian:debian_linux:linux-kbuild-5.10"], "id": "DEBIAN_DSA-5127.NASL", "href": "https://www.tenable.com/plugins/nessus/160469", "sourceData": "#\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dsa-5127. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(160469);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/23\");\n\n script_cve_id(\n \"CVE-2021-4197\",\n \"CVE-2022-0168\",\n \"CVE-2022-1016\",\n \"CVE-2022-1048\",\n \"CVE-2022-1158\",\n \"CVE-2022-1195\",\n \"CVE-2022-1198\",\n \"CVE-2022-1199\",\n \"CVE-2022-1204\",\n \"CVE-2022-1205\",\n \"CVE-2022-1353\",\n \"CVE-2022-1516\",\n \"CVE-2022-26490\",\n \"CVE-2022-27666\",\n \"CVE-2022-28356\",\n \"CVE-2022-28388\",\n \"CVE-2022-28389\",\n \"CVE-2022-28390\",\n \"CVE-2022-29582\"\n );\n\n script_name(english:\"Debian DSA-5127-1 : linux - security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the\ndsa-5127 advisory.\n\n - An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces\n subsystem was found in the way users have access to some less privileged process that are controlled by\n cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1 versions of\n control groups. A local user could use this flaw to crash the system or escalate their privileges on the\n system. (CVE-2021-4197)\n\n - A use-after-free flaw was found in the Linux kernel's sound subsystem in the way a user triggers\n concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM\n for other ioctls. This flaw allows a local user to crash or potentially escalate their privileges on the\n system. (CVE-2022-1048)\n\n - A use-after-free vulnerability was found in the Linux kernel in drivers/net/hamradio. This flaw allows a\n local attacker with a user privilege to cause a denial of service (DOS) when the mkiss or sixpack device\n is detached and reclaim resources early. (CVE-2022-1195)\n\n - A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This\n flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a\n leak of internal kernel information. (CVE-2022-1353)\n\n - st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has\n EVT_TRANSACTION buffer overflows because of untrusted length parameters. (CVE-2022-26490)\n\n - A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and\n net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap\n objects and may cause a local privilege escalation threat. (CVE-2022-27666)\n\n - In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c. (CVE-2022-28356)\n\n - usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double\n free. (CVE-2022-28388)\n\n - mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double\n free. (CVE-2022-28389)\n\n - ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.\n (CVE-2022-28390)\n\n - In the Linux kernel before 5.17.3, fs/io_uring.c has a use-after-free due to a race condition in io_uring\n timeouts. This can be triggered by a local user who has no access to any user namespace; however, the race\n condition perhaps can only be exploited infrequently. (CVE-2022-29582)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/linux\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/security/2022/dsa-5127\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-4197\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0168\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-1016\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-1048\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-1158\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-1195\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-1198\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-1199\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-1204\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-1205\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-1353\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-1516\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-26490\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-27666\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-28356\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-28388\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-28389\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-28390\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-29582\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/bullseye/linux\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the linux packages.\n\nFor the stable distribution (bullseye), these problems have been fixed in version 5.10.113-1.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4197\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-28390\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:affs-modules-5.10.0-10-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:affs-modules-5.10.0-10-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:affs-modules-5.10.0-10-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:affs-modules-5.10.0-10-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:affs-modules-5.10.0-13-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:affs-modules-5.10.0-13-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:affs-modules-5.10.0-13-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:affs-modules-5.10.0-13-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-10-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-10-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-10-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-10-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-10-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-13-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-13-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-13-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-13-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ata-modules-5.10.0-13-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-10-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-10-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-10-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-10-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-10-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-10-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-10-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-10-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-13-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-13-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-13-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-13-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-13-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-13-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-13-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:btrfs-modules-5.10.0-13-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-10-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-10-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-10-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-10-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-10-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-10-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-10-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-10-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-13-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-13-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-13-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-13-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-13-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-13-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-13-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cdrom-core-modules-5.10.0-13-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-10-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-10-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-10-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-10-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-10-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-10-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-10-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-10-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-13-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-13-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-13-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-13-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-13-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-13-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-13-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crc-modules-5.10.0-13-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-10-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-10-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-10-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-10-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-10-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-10-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-10-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-10-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-13-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-13-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-13-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-13-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-13-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-13-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-13-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-dm-modules-5.10.0-13-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-10-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-10-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-10-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-10-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-10-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-10-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-10-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-10-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-13-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-13-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-13-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-13-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-13-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-13-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-13-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:crypto-modules-5.10.0-13-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:dasd-extra-modules-5.10.0-10-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:dasd-extra-modules-5.10.0-13-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:dasd-modules-5.10.0-10-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:dasd-modules-5.10.0-13-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:efi-modules-5.10.0-10-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:efi-modules-5.10.0-13-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:event-modules-5.10.0-10-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:event-modules-5.10.0-10-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:event-modules-5.10.0-10-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:event-modules-5.10.0-10-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:event-modules-5.10.0-10-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:event-modules-5.10.0-10-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:event-modules-5.10.0-10-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:event-modules-5.10.0-13-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:event-modules-5.10.0-13-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:event-modules-5.10.0-13-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:event-modules-5.10.0-13-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:event-modules-5.10.0-13-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:event-modules-5.10.0-13-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:event-modules-5.10.0-13-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-10-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-10-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-10-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-10-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-10-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-10-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-10-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-10-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-13-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-13-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-13-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-13-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-13-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-13-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-13-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ext4-modules-5.10.0-13-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-10-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-10-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-10-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-10-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-10-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-10-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-10-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-10-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-13-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-13-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-13-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-13-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-13-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-13-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-13-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:f2fs-modules-5.10.0-13-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fancontrol-modules-5.10.0-10-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fancontrol-modules-5.10.0-13-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-10-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-10-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-10-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-10-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-10-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-10-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-10-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-10-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-13-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-13-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-13-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-13-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-13-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-13-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-13-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fat-modules-5.10.0-13-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-10-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-10-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-10-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-10-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-10-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-10-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-13-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-13-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-13-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-13-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-13-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fb-modules-5.10.0-13-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firewire-core-modules-5.10.0-10-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firewire-core-modules-5.10.0-10-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firewire-core-modules-5.10.0-13-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firewire-core-modules-5.10.0-13-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-10-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-10-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-10-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-10-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-10-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-10-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-10-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-10-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-13-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-13-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-13-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-13-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-13-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-13-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-13-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fuse-modules-5.10.0-13-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:hyperv-daemons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:hypervisor-modules-5.10.0-10-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:hypervisor-modules-5.10.0-13-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:i2c-modules-5.10.0-10-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:i2c-modules-5.10.0-10-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:i2c-modules-5.10.0-10-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:i2c-modules-5.10.0-10-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:i2c-modules-5.10.0-13-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:i2c-modules-5.10.0-13-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:i2c-modules-5.10.0-13-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:i2c-modules-5.10.0-13-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:input-modules-5.10.0-10-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:input-modules-5.10.0-10-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:input-modules-5.10.0-10-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:input-modules-5.10.0-10-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:input-modules-5.10.0-10-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:input-modules-5.10.0-10-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:input-modules-5.10.0-10-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:input-modules-5.10.0-13-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:input-modules-5.10.0-13-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:input-modules-5.10.0-13-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:input-modules-5.10.0-13-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:input-modules-5.10.0-13-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:input-modules-5.10.0-13-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:input-modules-5.10.0-13-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ipv6-modules-5.10.0-10-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ipv6-modules-5.10.0-13-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-10-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-10-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-10-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-10-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-10-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-10-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-10-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-10-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-13-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-13-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-13-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-13-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-13-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-13-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-13-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:isofs-modules-5.10.0-13-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jffs2-modules-5.10.0-10-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jffs2-modules-5.10.0-13-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-10-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-10-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-10-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-10-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-10-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-10-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-10-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-13-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-13-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-13-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-13-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-13-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-13-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jfs-modules-5.10.0-13-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-10-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-10-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-10-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-10-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-10-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-10-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-10-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-10-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-13-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-13-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-13-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-13-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-13-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-13-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-13-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:kernel-image-5.10.0-13-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:leds-modules-5.10.0-10-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:leds-modules-5.10.0-10-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:leds-modules-5.10.0-13-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:leds-modules-5.10.0-13-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libcpupower-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libcpupower1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-compiler-gcc-10-arm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-compiler-gcc-10-s390\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-compiler-gcc-10-x86\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-config-5.10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-cpupower\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-doc-5.10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4kc-malta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-10-4kc-malta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-10-5kc-malta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-10-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-10-686-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-10-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-10-arm64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-10-armmlpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-10-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-10-cloud-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-10-cloud-arm64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-10-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-10-common-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-10-loongson-3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-10-marvell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-10-octeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-10-powerpc64le\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-10-rpi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-10-rt-686-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-10-rt-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-10-rt-arm64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-10-rt-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5.10.0-10-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-5kc-malta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-armmlpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-loongson-3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-marvell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-octeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-powerpc64le\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-rpi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-rt-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4kc-malta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4kc-malta-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-4kc-malta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-4kc-malta-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-5kc-malta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-5kc-malta-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-686-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-686-pae-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-686-pae-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-686-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-amd64-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-arm64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-arm64-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-armmdbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-armmlpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-armmlpae-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-cloud-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-cloud-amd64-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-cloud-arm64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-cloud-arm64-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-loongson-3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-loongson-3-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-marvell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-marvell-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-octeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-octeon-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-powerpc64le\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-powerpc64le-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-rpi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-rpi-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-rt-686-pae-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-rt-686-pae-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-rt-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-rt-amd64-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-rt-arm64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-rt-arm64-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-rt-armmdbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-rt-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5.10.0-10-s390x-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5kc-malta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-5kc-malta-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-686-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-686-pae-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-amd64-signed-template\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-arm64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-arm64-signed-template\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-armmdbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-armmlpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-armmlpae-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-cloud-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-cloud-arm64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-i386-signed-template\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-loongson-3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-loongson-3-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-marvell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-marvell-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-octeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-octeon-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-powerpc64le\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-powerpc64le-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-rpi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-rpi-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-rt-686-pae-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-rt-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-rt-arm64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-rt-armmdbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-rt-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-s390x-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-kbuild-5.10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-libc-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-perf-5.10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-source-5.10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-support-5.10.0-10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:loomodules-5.10.0-10-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:loomodules-5.10.0-10-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:loomodules-5.10.0-10-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:loomodules-5.10.0-10-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:loomodules-5.10.0-10-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:loomodules-5.10.0-10-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:loomodules-5.10.0-10-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:loomodules-5.10.0-10-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:loomodules-5.10.0-13-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:loomodules-5.10.0-13-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:loomodules-5.10.0-13-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:loomodules-5.10.0-13-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:loomodules-5.10.0-13-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:loomodules-5.10.0-13-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:loomodules-5.10.0-13-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:loomodules-5.10.0-13-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:md-modules-5.10.0-10-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:md-modules-5.10.0-10-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:md-modules-5.10.0-10-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:md-modules-5.10.0-10-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:md-modules-5.10.0-10-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:md-modules-5.10.0-10-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:md-modules-5.10.0-10-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:md-modules-5.10.0-10-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:md-modules-5.10.0-13-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:md-modules-5.10.0-13-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:md-modules-5.10.0-13-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:md-modules-5.10.0-13-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:md-modules-5.10.0-13-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:md-modules-5.10.0-13-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:md-modules-5.10.0-13-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:md-modules-5.10.0-13-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-10-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-10-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-10-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-10-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-10-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-13-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-13-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-13-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-13-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:minix-modules-5.10.0-13-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mmc-core-modules-5.10.0-10-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mmc-core-modules-5.10.0-10-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mmc-core-modules-5.10.0-10-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mmc-core-modules-5.10.0-13-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mmc-core-modules-5.10.0-13-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mmc-core-modules-5.10.0-13-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mmc-modules-5.10.0-10-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mmc-modules-5.10.0-10-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mmc-modules-5.10.0-10-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mmc-modules-5.10.0-10-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mmc-modules-5.10.0-13-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mmc-modules-5.10.0-13-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mmc-modules-5.10.0-13-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mmc-modules-5.10.0-13-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mouse-modules-5.10.0-10-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mouse-modules-5.10.0-10-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mouse-modules-5.10.0-10-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mouse-modules-5.10.0-10-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mouse-modules-5.10.0-13-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mouse-modules-5.10.0-13-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mouse-modules-5.10.0-13-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mouse-modules-5.10.0-13-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-10-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-10-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-10-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-10-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-10-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-10-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-13-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-13-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-13-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-13-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-13-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mtd-core-modules-5.10.0-13-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mtd-modules-5.10.0-10-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mtd-modules-5.10.0-10-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mtd-modules-5.10.0-13-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:mtd-modules-5.10.0-13-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-10-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-10-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-10-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-10-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-10-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-10-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-10-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-10-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-13-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-13-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-13-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-13-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-13-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-13-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-13-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:multipath-modules-5.10.0-13-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-10-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-10-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-10-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-10-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-10-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-10-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-10-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-10-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-13-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-13-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-13-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-13-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-13-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-13-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-13-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nbd-modules-5.10.0-13-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nfs-modules-5.10.0-10-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nfs-modules-5.10.0-13-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-10-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-10-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-10-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-10-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-10-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-10-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-10-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-10-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-13-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-13-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-13-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-13-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-13-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-13-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-13-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-modules-5.10.0-13-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-10-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-10-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-10-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-10-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-10-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-10-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-10-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-13-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-13-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-13-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-13-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-13-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-13-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-shared-modules-5.10.0-13-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-10-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-10-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-10-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-10-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-10-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-10-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-10-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-13-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-13-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-13-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-13-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-13-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-13-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-usb-modules-5.10.0-13-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-10-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-10-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-10-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-10-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-10-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-10-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-13-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-13-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-13-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-13-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-13-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nic-wireless-modules-5.10.0-13-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-10-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-10-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-10-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-10-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-10-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-13-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-13-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-13-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-13-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:pata-modules-5.10.0-13-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ppmodules-5.10.0-10-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ppmodules-5.10.0-10-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ppmodules-5.10.0-10-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ppmodules-5.10.0-10-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ppmodules-5.10.0-10-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ppmodules-5.10.0-10-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ppmodules-5.10.0-10-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ppmodules-5.10.0-13-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ppmodules-5.10.0-13-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ppmodules-5.10.0-13-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ppmodules-5.10.0-13-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ppmodules-5.10.0-13-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ppmodules-5.10.0-13-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ppmodules-5.10.0-13-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:rtc-modules-5.10.0-10-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:rtc-modules-5.10.0-13-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-10-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-10-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-10-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-10-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-10-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-10-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-10-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-13-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-13-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-13-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-13-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-13-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-13-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sata-modules-5.10.0-13-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-10-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-10-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-10-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-10-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-10-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-10-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-10-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-10-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-13-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-13-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-13-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-13-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-13-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-13-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-13-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-core-modules-5.10.0-13-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-10-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-10-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-10-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-10-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-10-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-10-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-10-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-13-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-13-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-13-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-13-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-13-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-13-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-modules-5.10.0-13-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-10-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-10-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-10-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-10-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-10-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-10-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-13-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-13-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-13-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-13-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-13-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:scsi-nic-modules-5.10.0-13-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:serial-modules-5.10.0-10-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:serial-modules-5.10.0-13-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sound-modules-5.10.0-10-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sound-modules-5.10.0-10-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sound-modules-5.10.0-10-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sound-modules-5.10.0-10-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sound-modules-5.10.0-13-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sound-modules-5.10.0-13-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sound-modules-5.10.0-13-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:sound-modules-5.10.0-13-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:speakumodules-5.10.0-10-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:speakumodules-5.10.0-13-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-10-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-10-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-10-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-10-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-10-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-10-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-10-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-13-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-13-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-13-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-13-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-13-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-13-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squashfs-modules-5.10.0-13-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-10-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-10-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-10-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-10-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-10-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-10-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-10-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-10-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-13-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-13-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-13-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-13-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-13-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-13-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-13-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:udf-modules-5.10.0-13-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:uinput-modules-5.10.0-10-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:uinput-modules-5.10.0-10-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:uinput-modules-5.10.0-10-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:uinput-modules-5.10.0-13-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:uinput-modules-5.10.0-13-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:uinput-modules-5.10.0-13-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-10-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-10-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-10-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-10-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-10-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-10-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-10-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-13-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-13-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-13-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-13-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-13-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-13-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-modules-5.10.0-13-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-10-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-10-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-10-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-10-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-10-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-10-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-10-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-13-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-13-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-13-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-13-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-13-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-13-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-serial-modules-5.10.0-13-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-10-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-10-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-10-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-10-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-10-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-10-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-10-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-13-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-13-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-13-armmdi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-13-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-13-marvell-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-13-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usb-storage-modules-5.10.0-13-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usbip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-10-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-10-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-10-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-10-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-10-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-10-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-13-4kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-13-5kc-malta-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-13-loongson-3-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-13-octeon-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-13-powerpc64le-di\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xfs-modules-5.10.0-13-s390x-di\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:11.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar release = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nvar release = chomp(release);\nif (! preg(pattern:\"^(11)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 11.0', 'Debian ' + release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '11.0', 'prefix': 'affs-modules-5.10.0-10-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'affs-modules-5.10.0-10-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'affs-modules-5.10.0-10-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'affs-modules-5.10.0-10-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'affs-modules-5.10.0-13-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'affs-modules-5.10.0-13-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'affs-modules-5.10.0-13-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'affs-modules-5.10.0-13-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'ata-modules-5.10.0-10-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'ata-modules-5.10.0-10-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'ata-modules-5.10.0-10-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'ata-modules-5.10.0-10-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'ata-modules-5.10.0-10-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'ata-modules-5.10.0-13-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'ata-modules-5.10.0-13-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'ata-modules-5.10.0-13-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'ata-modules-5.10.0-13-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'ata-modules-5.10.0-13-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'bpftool', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'btrfs-modules-5.10.0-10-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'btrfs-modules-5.10.0-10-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'btrfs-modules-5.10.0-10-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'btrfs-modules-5.10.0-10-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'btrfs-modules-5.10.0-10-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'btrfs-modules-5.10.0-10-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'btrfs-modules-5.10.0-10-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'btrfs-modules-5.10.0-10-s390x-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'btrfs-modules-5.10.0-13-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'btrfs-modules-5.10.0-13-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'btrfs-modules-5.10.0-13-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'btrfs-modules-5.10.0-13-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'btrfs-modules-5.10.0-13-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'btrfs-modules-5.10.0-13-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'btrfs-modules-5.10.0-13-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'btrfs-modules-5.10.0-13-s390x-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'cdrom-core-modules-5.10.0-10-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'cdrom-core-modules-5.10.0-10-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'cdrom-core-modules-5.10.0-10-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'cdrom-core-modules-5.10.0-10-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'cdrom-core-modules-5.10.0-10-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'cdrom-core-modules-5.10.0-10-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'cdrom-core-modules-5.10.0-10-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'cdrom-core-modules-5.10.0-10-s390x-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'cdrom-core-modules-5.10.0-13-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'cdrom-core-modules-5.10.0-13-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'cdrom-core-modules-5.10.0-13-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'cdrom-core-modules-5.10.0-13-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'cdrom-core-modules-5.10.0-13-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'cdrom-core-modules-5.10.0-13-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'cdrom-core-modules-5.10.0-13-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'cdrom-core-modules-5.10.0-13-s390x-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'crc-modules-5.10.0-10-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'crc-modules-5.10.0-10-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'crc-modules-5.10.0-10-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'crc-modules-5.10.0-10-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'crc-modules-5.10.0-10-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'crc-modules-5.10.0-10-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'crc-modules-5.10.0-10-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'crc-modules-5.10.0-10-s390x-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'crc-modules-5.10.0-13-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'crc-modules-5.10.0-13-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'crc-modules-5.10.0-13-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'crc-modules-5.10.0-13-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'crc-modules-5.10.0-13-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'crc-modules-5.10.0-13-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'crc-modules-5.10.0-13-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'crc-modules-5.10.0-13-s390x-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'crypto-dm-modules-5.10.0-10-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'crypto-dm-modules-5.10.0-10-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'crypto-dm-modules-5.10.0-10-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'crypto-dm-modules-5.10.0-10-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'crypto-dm-modules-5.10.0-10-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'crypto-dm-modules-5.10.0-10-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'crypto-dm-modules-5.10.0-10-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'crypto-dm-modules-5.10.0-10-s390x-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'crypto-dm-modules-5.10.0-13-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'crypto-dm-modules-5.10.0-13-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'crypto-dm-modules-5.10.0-13-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'crypto-dm-modules-5.10.0-13-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'crypto-dm-modules-5.10.0-13-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'crypto-dm-modules-5.10.0-13-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'crypto-dm-modules-5.10.0-13-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'crypto-dm-modules-5.10.0-13-s390x-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'crypto-modules-5.10.0-10-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'crypto-modules-5.10.0-10-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'crypto-modules-5.10.0-10-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'crypto-modules-5.10.0-10-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'crypto-modules-5.10.0-10-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'crypto-modules-5.10.0-10-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'crypto-modules-5.10.0-10-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'crypto-modules-5.10.0-10-s390x-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'crypto-modules-5.10.0-13-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'crypto-modules-5.10.0-13-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'crypto-modules-5.10.0-13-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'crypto-modules-5.10.0-13-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'crypto-modules-5.10.0-13-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'crypto-modules-5.10.0-13-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'crypto-modules-5.10.0-13-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'crypto-modules-5.10.0-13-s390x-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'dasd-extra-modules-5.10.0-10-s390x-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'dasd-extra-modules-5.10.0-13-s390x-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'dasd-modules-5.10.0-10-s390x-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'dasd-modules-5.10.0-13-s390x-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'efi-modules-5.10.0-10-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'efi-modules-5.10.0-13-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'event-modules-5.10.0-10-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'event-modules-5.10.0-10-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'event-modules-5.10.0-10-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'event-modules-5.10.0-10-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'event-modules-5.10.0-10-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'event-modules-5.10.0-10-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'event-modules-5.10.0-10-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'event-modules-5.10.0-13-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'event-modules-5.10.0-13-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'event-modules-5.10.0-13-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'event-modules-5.10.0-13-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'event-modules-5.10.0-13-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'event-modules-5.10.0-13-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'event-modules-5.10.0-13-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'ext4-modules-5.10.0-10-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'ext4-modules-5.10.0-10-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'ext4-modules-5.10.0-10-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'ext4-modules-5.10.0-10-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'ext4-modules-5.10.0-10-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'ext4-modules-5.10.0-10-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'ext4-modules-5.10.0-10-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'ext4-modules-5.10.0-10-s390x-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'ext4-modules-5.10.0-13-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'ext4-modules-5.10.0-13-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'ext4-modules-5.10.0-13-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'ext4-modules-5.10.0-13-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'ext4-modules-5.10.0-13-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'ext4-modules-5.10.0-13-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'ext4-modules-5.10.0-13-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'ext4-modules-5.10.0-13-s390x-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'f2fs-modules-5.10.0-10-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'f2fs-modules-5.10.0-10-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'f2fs-modules-5.10.0-10-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'f2fs-modules-5.10.0-10-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'f2fs-modules-5.10.0-10-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'f2fs-modules-5.10.0-10-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'f2fs-modules-5.10.0-10-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'f2fs-modules-5.10.0-10-s390x-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'f2fs-modules-5.10.0-13-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'f2fs-modules-5.10.0-13-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'f2fs-modules-5.10.0-13-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'f2fs-modules-5.10.0-13-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'f2fs-modules-5.10.0-13-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'f2fs-modules-5.10.0-13-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'f2fs-modules-5.10.0-13-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'f2fs-modules-5.10.0-13-s390x-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'fancontrol-modules-5.10.0-10-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'fancontrol-modules-5.10.0-13-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'fat-modules-5.10.0-10-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'fat-modules-5.10.0-10-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'fat-modules-5.10.0-10-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'fat-modules-5.10.0-10-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'fat-modules-5.10.0-10-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'fat-modules-5.10.0-10-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'fat-modules-5.10.0-10-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'fat-modules-5.10.0-10-s390x-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'fat-modules-5.10.0-13-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'fat-modules-5.10.0-13-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'fat-modules-5.10.0-13-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'fat-modules-5.10.0-13-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'fat-modules-5.10.0-13-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'fat-modules-5.10.0-13-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'fat-modules-5.10.0-13-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'fat-modules-5.10.0-13-s390x-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'fb-modules-5.10.0-10-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'fb-modules-5.10.0-10-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'fb-modules-5.10.0-10-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'fb-modules-5.10.0-10-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'fb-modules-5.10.0-10-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'fb-modules-5.10.0-10-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'fb-modules-5.10.0-13-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'fb-modules-5.10.0-13-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'fb-modules-5.10.0-13-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'fb-modules-5.10.0-13-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'fb-modules-5.10.0-13-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'fb-modules-5.10.0-13-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'firewire-core-modules-5.10.0-10-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'firewire-core-modules-5.10.0-10-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'firewire-core-modules-5.10.0-13-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'firewire-core-modules-5.10.0-13-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'fuse-modules-5.10.0-10-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'fuse-modules-5.10.0-10-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'fuse-modules-5.10.0-10-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'fuse-modules-5.10.0-10-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'fuse-modules-5.10.0-10-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'fuse-modules-5.10.0-10-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'fuse-modules-5.10.0-10-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'fuse-modules-5.10.0-10-s390x-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'fuse-modules-5.10.0-13-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'fuse-modules-5.10.0-13-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'fuse-modules-5.10.0-13-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'fuse-modules-5.10.0-13-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'fuse-modules-5.10.0-13-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'fuse-modules-5.10.0-13-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'fuse-modules-5.10.0-13-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'fuse-modules-5.10.0-13-s390x-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'hyperv-daemons', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'hypervisor-modules-5.10.0-10-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'hypervisor-modules-5.10.0-13-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'i2c-modules-5.10.0-10-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'i2c-modules-5.10.0-10-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'i2c-modules-5.10.0-10-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'i2c-modules-5.10.0-10-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'i2c-modules-5.10.0-13-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'i2c-modules-5.10.0-13-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'i2c-modules-5.10.0-13-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'i2c-modules-5.10.0-13-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'input-modules-5.10.0-10-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'input-modules-5.10.0-10-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'input-modules-5.10.0-10-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'input-modules-5.10.0-10-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'input-modules-5.10.0-10-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'input-modules-5.10.0-10-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'input-modules-5.10.0-10-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'input-modules-5.10.0-13-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'input-modules-5.10.0-13-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'input-modules-5.10.0-13-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'input-modules-5.10.0-13-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'input-modules-5.10.0-13-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'input-modules-5.10.0-13-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'input-modules-5.10.0-13-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'ipv6-modules-5.10.0-10-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'ipv6-modules-5.10.0-13-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'isofs-modules-5.10.0-10-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'isofs-modules-5.10.0-10-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'isofs-modules-5.10.0-10-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'isofs-modules-5.10.0-10-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'isofs-modules-5.10.0-10-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'isofs-modules-5.10.0-10-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'isofs-modules-5.10.0-10-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'isofs-modules-5.10.0-10-s390x-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'isofs-modules-5.10.0-13-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'isofs-modules-5.10.0-13-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'isofs-modules-5.10.0-13-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'isofs-modules-5.10.0-13-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'isofs-modules-5.10.0-13-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'isofs-modules-5.10.0-13-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'isofs-modules-5.10.0-13-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'isofs-modules-5.10.0-13-s390x-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'jffs2-modules-5.10.0-10-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'jffs2-modules-5.10.0-13-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'jfs-modules-5.10.0-10-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'jfs-modules-5.10.0-10-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'jfs-modules-5.10.0-10-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'jfs-modules-5.10.0-10-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'jfs-modules-5.10.0-10-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'jfs-modules-5.10.0-10-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'jfs-modules-5.10.0-10-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'jfs-modules-5.10.0-13-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'jfs-modules-5.10.0-13-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'jfs-modules-5.10.0-13-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'jfs-modules-5.10.0-13-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'jfs-modules-5.10.0-13-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'jfs-modules-5.10.0-13-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'jfs-modules-5.10.0-13-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'kernel-image-5.10.0-10-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'kernel-image-5.10.0-10-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'kernel-image-5.10.0-10-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'kernel-image-5.10.0-10-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'kernel-image-5.10.0-10-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'kernel-image-5.10.0-10-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'kernel-image-5.10.0-10-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'kernel-image-5.10.0-10-s390x-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'kernel-image-5.10.0-13-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'kernel-image-5.10.0-13-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'kernel-image-5.10.0-13-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'kernel-image-5.10.0-13-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'kernel-image-5.10.0-13-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'kernel-image-5.10.0-13-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'kernel-image-5.10.0-13-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'kernel-image-5.10.0-13-s390x-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'leds-modules-5.10.0-10-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'leds-modules-5.10.0-10-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'leds-modules-5.10.0-13-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'leds-modules-5.10.0-13-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'libcpupower-dev', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'libcpupower1', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-compiler-gcc-10-arm', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-compiler-gcc-10-s390', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-compiler-gcc-10-x86', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-config-5.10', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-cpupower', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-doc', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-doc-5.10', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-headers-4kc-malta', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-10-4kc-malta', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-10-5kc-malta', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-10-686', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-10-686-pae', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-10-amd64', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-10-arm64', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-10-armmp', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-10-armmp-lpae', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-10-cloud-amd64', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-10-cloud-arm64', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-10-common', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-10-common-rt', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-10-loongson-3', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-10-marvell', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-10-octeon', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-10-powerpc64le', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-10-rpi', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-10-rt-686-pae', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-10-rt-amd64', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-10-rt-arm64', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-10-rt-armmp', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-headers-5.10.0-10-s390x', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-headers-5kc-malta', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-headers-armmp', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-headers-armmp-lpae', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-headers-loongson-3', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-headers-marvell', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-headers-octeon', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-headers-powerpc64le', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-headers-rpi', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-headers-rt-armmp', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-headers-s390x', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-4kc-malta', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-4kc-malta-dbg', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-10-4kc-malta', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-10-4kc-malta-dbg', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-10-5kc-malta', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-10-5kc-malta-dbg', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-10-686-dbg', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-10-686-pae-dbg', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-10-686-pae-unsigned', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-10-686-unsigned', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-10-amd64-dbg', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-10-amd64-unsigned', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-10-arm64-dbg', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-10-arm64-unsigned', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-10-armmp', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-10-armmp-dbg', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-10-armmp-lpae', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-10-armmp-lpae-dbg', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-10-cloud-amd64-dbg', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-10-cloud-amd64-unsigned', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-10-cloud-arm64-dbg', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-10-cloud-arm64-unsigned', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-10-loongson-3', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-10-loongson-3-dbg', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-10-marvell', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-10-marvell-dbg', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-10-octeon', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-10-octeon-dbg', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-10-powerpc64le', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-10-powerpc64le-dbg', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-10-rpi', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-10-rpi-dbg', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-10-rt-686-pae-dbg', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-10-rt-686-pae-unsigned', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-10-rt-amd64-dbg', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-10-rt-amd64-unsigned', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-10-rt-arm64-dbg', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-10-rt-arm64-unsigned', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-10-rt-armmp', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-10-rt-armmp-dbg', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-10-s390x', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-5.10.0-10-s390x-dbg', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-5kc-malta', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-5kc-malta-dbg', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-686-dbg', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-686-pae-dbg', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-amd64-dbg', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-amd64-signed-template', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-arm64-dbg', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-arm64-signed-template', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-armmp', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-armmp-dbg', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-armmp-lpae', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-armmp-lpae-dbg', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-cloud-amd64-dbg', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-cloud-arm64-dbg', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-i386-signed-template', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-loongson-3', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-loongson-3-dbg', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-marvell', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-marvell-dbg', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-octeon', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-octeon-dbg', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-powerpc64le', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-powerpc64le-dbg', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-rpi', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-rpi-dbg', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-rt-686-pae-dbg', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-rt-amd64-dbg', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-rt-arm64-dbg', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-rt-armmp', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-rt-armmp-dbg', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-s390x', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-image-s390x-dbg', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-kbuild-5.10', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-libc-dev', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-perf', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-perf-5.10', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-source', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-source-5.10', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'linux-support-5.10.0-10', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'loop-modules-5.10.0-10-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'loop-modules-5.10.0-10-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'loop-modules-5.10.0-10-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'loop-modules-5.10.0-10-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'loop-modules-5.10.0-10-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'loop-modules-5.10.0-10-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'loop-modules-5.10.0-10-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'loop-modules-5.10.0-10-s390x-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'loop-modules-5.10.0-13-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'loop-modules-5.10.0-13-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'loop-modules-5.10.0-13-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'loop-modules-5.10.0-13-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'loop-modules-5.10.0-13-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'loop-modules-5.10.0-13-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'loop-modules-5.10.0-13-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'loop-modules-5.10.0-13-s390x-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'md-modules-5.10.0-10-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'md-modules-5.10.0-10-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'md-modules-5.10.0-10-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'md-modules-5.10.0-10-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'md-modules-5.10.0-10-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'md-modules-5.10.0-10-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'md-modules-5.10.0-10-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'md-modules-5.10.0-10-s390x-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'md-modules-5.10.0-13-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'md-modules-5.10.0-13-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'md-modules-5.10.0-13-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'md-modules-5.10.0-13-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'md-modules-5.10.0-13-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'md-modules-5.10.0-13-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'md-modules-5.10.0-13-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'md-modules-5.10.0-13-s390x-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'minix-modules-5.10.0-10-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'minix-modules-5.10.0-10-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'minix-modules-5.10.0-10-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'minix-modules-5.10.0-10-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'minix-modules-5.10.0-10-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'minix-modules-5.10.0-13-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'minix-modules-5.10.0-13-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'minix-modules-5.10.0-13-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'minix-modules-5.10.0-13-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'minix-modules-5.10.0-13-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'mmc-core-modules-5.10.0-10-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'mmc-core-modules-5.10.0-10-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'mmc-core-modules-5.10.0-10-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'mmc-core-modules-5.10.0-13-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'mmc-core-modules-5.10.0-13-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'mmc-core-modules-5.10.0-13-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'mmc-modules-5.10.0-10-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'mmc-modules-5.10.0-10-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'mmc-modules-5.10.0-10-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'mmc-modules-5.10.0-10-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'mmc-modules-5.10.0-13-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'mmc-modules-5.10.0-13-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'mmc-modules-5.10.0-13-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'mmc-modules-5.10.0-13-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'mouse-modules-5.10.0-10-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'mouse-modules-5.10.0-10-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'mouse-modules-5.10.0-10-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'mouse-modules-5.10.0-10-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'mouse-modules-5.10.0-13-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'mouse-modules-5.10.0-13-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'mouse-modules-5.10.0-13-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'mouse-modules-5.10.0-13-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'mtd-core-modules-5.10.0-10-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'mtd-core-modules-5.10.0-10-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'mtd-core-modules-5.10.0-10-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'mtd-core-modules-5.10.0-10-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'mtd-core-modules-5.10.0-10-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'mtd-core-modules-5.10.0-10-s390x-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'mtd-core-modules-5.10.0-13-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'mtd-core-modules-5.10.0-13-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'mtd-core-modules-5.10.0-13-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'mtd-core-modules-5.10.0-13-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'mtd-core-modules-5.10.0-13-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'mtd-core-modules-5.10.0-13-s390x-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'mtd-modules-5.10.0-10-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'mtd-modules-5.10.0-10-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'mtd-modules-5.10.0-13-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'mtd-modules-5.10.0-13-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'multipath-modules-5.10.0-10-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'multipath-modules-5.10.0-10-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'multipath-modules-5.10.0-10-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'multipath-modules-5.10.0-10-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'multipath-modules-5.10.0-10-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'multipath-modules-5.10.0-10-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'multipath-modules-5.10.0-10-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'multipath-modules-5.10.0-10-s390x-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'multipath-modules-5.10.0-13-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'multipath-modules-5.10.0-13-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'multipath-modules-5.10.0-13-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'multipath-modules-5.10.0-13-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'multipath-modules-5.10.0-13-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'multipath-modules-5.10.0-13-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'multipath-modules-5.10.0-13-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'multipath-modules-5.10.0-13-s390x-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nbd-modules-5.10.0-10-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nbd-modules-5.10.0-10-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nbd-modules-5.10.0-10-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nbd-modules-5.10.0-10-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nbd-modules-5.10.0-10-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nbd-modules-5.10.0-10-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nbd-modules-5.10.0-10-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nbd-modules-5.10.0-10-s390x-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nbd-modules-5.10.0-13-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nbd-modules-5.10.0-13-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nbd-modules-5.10.0-13-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nbd-modules-5.10.0-13-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nbd-modules-5.10.0-13-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nbd-modules-5.10.0-13-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nbd-modules-5.10.0-13-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nbd-modules-5.10.0-13-s390x-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nfs-modules-5.10.0-10-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nfs-modules-5.10.0-13-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-modules-5.10.0-10-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-modules-5.10.0-10-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-modules-5.10.0-10-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-modules-5.10.0-10-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-modules-5.10.0-10-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-modules-5.10.0-10-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-modules-5.10.0-10-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-modules-5.10.0-10-s390x-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-modules-5.10.0-13-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-modules-5.10.0-13-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-modules-5.10.0-13-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-modules-5.10.0-13-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-modules-5.10.0-13-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-modules-5.10.0-13-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-modules-5.10.0-13-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-modules-5.10.0-13-s390x-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-shared-modules-5.10.0-10-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-shared-modules-5.10.0-10-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-shared-modules-5.10.0-10-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-shared-modules-5.10.0-10-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-shared-modules-5.10.0-10-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-shared-modules-5.10.0-10-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-shared-modules-5.10.0-10-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-shared-modules-5.10.0-13-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-shared-modules-5.10.0-13-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-shared-modules-5.10.0-13-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-shared-modules-5.10.0-13-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-shared-modules-5.10.0-13-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-shared-modules-5.10.0-13-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-shared-modules-5.10.0-13-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-usb-modules-5.10.0-10-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-usb-modules-5.10.0-10-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-usb-modules-5.10.0-10-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-usb-modules-5.10.0-10-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-usb-modules-5.10.0-10-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-usb-modules-5.10.0-10-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-usb-modules-5.10.0-10-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-usb-modules-5.10.0-13-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-usb-modules-5.10.0-13-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-usb-modules-5.10.0-13-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-usb-modules-5.10.0-13-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-usb-modules-5.10.0-13-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-usb-modules-5.10.0-13-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-usb-modules-5.10.0-13-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-wireless-modules-5.10.0-10-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-wireless-modules-5.10.0-10-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-wireless-modules-5.10.0-10-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-wireless-modules-5.10.0-10-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-wireless-modules-5.10.0-10-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-wireless-modules-5.10.0-10-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-wireless-modules-5.10.0-13-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-wireless-modules-5.10.0-13-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-wireless-modules-5.10.0-13-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-wireless-modules-5.10.0-13-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-wireless-modules-5.10.0-13-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'nic-wireless-modules-5.10.0-13-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'pata-modules-5.10.0-10-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'pata-modules-5.10.0-10-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'pata-modules-5.10.0-10-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'pata-modules-5.10.0-10-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'pata-modules-5.10.0-10-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'pata-modules-5.10.0-13-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'pata-modules-5.10.0-13-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'pata-modules-5.10.0-13-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'pata-modules-5.10.0-13-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'pata-modules-5.10.0-13-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'ppp-modules-5.10.0-10-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'ppp-modules-5.10.0-10-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'ppp-modules-5.10.0-10-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'ppp-modules-5.10.0-10-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'ppp-modules-5.10.0-10-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'ppp-modules-5.10.0-10-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'ppp-modules-5.10.0-10-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'ppp-modules-5.10.0-13-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'ppp-modules-5.10.0-13-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'ppp-modules-5.10.0-13-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'ppp-modules-5.10.0-13-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'ppp-modules-5.10.0-13-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'ppp-modules-5.10.0-13-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'ppp-modules-5.10.0-13-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'rtc-modules-5.10.0-10-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'rtc-modules-5.10.0-13-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'sata-modules-5.10.0-10-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'sata-modules-5.10.0-10-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'sata-modules-5.10.0-10-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'sata-modules-5.10.0-10-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'sata-modules-5.10.0-10-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'sata-modules-5.10.0-10-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'sata-modules-5.10.0-10-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'sata-modules-5.10.0-13-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'sata-modules-5.10.0-13-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'sata-modules-5.10.0-13-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'sata-modules-5.10.0-13-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'sata-modules-5.10.0-13-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'sata-modules-5.10.0-13-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'sata-modules-5.10.0-13-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'scsi-core-modules-5.10.0-10-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'scsi-core-modules-5.10.0-10-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'scsi-core-modules-5.10.0-10-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'scsi-core-modules-5.10.0-10-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'scsi-core-modules-5.10.0-10-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'scsi-core-modules-5.10.0-10-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'scsi-core-modules-5.10.0-10-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'scsi-core-modules-5.10.0-10-s390x-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'scsi-core-modules-5.10.0-13-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'scsi-core-modules-5.10.0-13-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'scsi-core-modules-5.10.0-13-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'scsi-core-modules-5.10.0-13-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'scsi-core-modules-5.10.0-13-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'scsi-core-modules-5.10.0-13-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'scsi-core-modules-5.10.0-13-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'scsi-core-modules-5.10.0-13-s390x-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'scsi-modules-5.10.0-10-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'scsi-modules-5.10.0-10-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'scsi-modules-5.10.0-10-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'scsi-modules-5.10.0-10-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'scsi-modules-5.10.0-10-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'scsi-modules-5.10.0-10-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'scsi-modules-5.10.0-10-s390x-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'scsi-modules-5.10.0-13-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'scsi-modules-5.10.0-13-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'scsi-modules-5.10.0-13-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'scsi-modules-5.10.0-13-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'scsi-modules-5.10.0-13-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'scsi-modules-5.10.0-13-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'scsi-modules-5.10.0-13-s390x-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'scsi-nic-modules-5.10.0-10-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'scsi-nic-modules-5.10.0-10-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'scsi-nic-modules-5.10.0-10-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'scsi-nic-modules-5.10.0-10-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'scsi-nic-modules-5.10.0-10-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'scsi-nic-modules-5.10.0-10-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'scsi-nic-modules-5.10.0-13-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'scsi-nic-modules-5.10.0-13-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'scsi-nic-modules-5.10.0-13-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'scsi-nic-modules-5.10.0-13-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'scsi-nic-modules-5.10.0-13-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'scsi-nic-modules-5.10.0-13-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'serial-modules-5.10.0-10-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'serial-modules-5.10.0-13-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'sound-modules-5.10.0-10-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'sound-modules-5.10.0-10-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'sound-modules-5.10.0-10-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'sound-modules-5.10.0-10-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'sound-modules-5.10.0-13-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'sound-modules-5.10.0-13-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'sound-modules-5.10.0-13-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'sound-modules-5.10.0-13-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'speakup-modules-5.10.0-10-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'speakup-modules-5.10.0-13-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'squashfs-modules-5.10.0-10-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'squashfs-modules-5.10.0-10-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'squashfs-modules-5.10.0-10-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'squashfs-modules-5.10.0-10-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'squashfs-modules-5.10.0-10-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'squashfs-modules-5.10.0-10-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'squashfs-modules-5.10.0-10-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'squashfs-modules-5.10.0-13-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'squashfs-modules-5.10.0-13-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'squashfs-modules-5.10.0-13-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'squashfs-modules-5.10.0-13-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'squashfs-modules-5.10.0-13-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'squashfs-modules-5.10.0-13-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'squashfs-modules-5.10.0-13-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'udf-modules-5.10.0-10-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'udf-modules-5.10.0-10-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'udf-modules-5.10.0-10-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'udf-modules-5.10.0-10-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'udf-modules-5.10.0-10-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'udf-modules-5.10.0-10-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'udf-modules-5.10.0-10-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'udf-modules-5.10.0-10-s390x-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'udf-modules-5.10.0-13-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'udf-modules-5.10.0-13-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'udf-modules-5.10.0-13-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'udf-modules-5.10.0-13-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'udf-modules-5.10.0-13-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'udf-modules-5.10.0-13-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'udf-modules-5.10.0-13-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'udf-modules-5.10.0-13-s390x-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'uinput-modules-5.10.0-10-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'uinput-modules-5.10.0-10-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'uinput-modules-5.10.0-10-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'uinput-modules-5.10.0-13-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'uinput-modules-5.10.0-13-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'uinput-modules-5.10.0-13-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'usb-modules-5.10.0-10-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'usb-modules-5.10.0-10-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'usb-modules-5.10.0-10-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'usb-modules-5.10.0-10-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'usb-modules-5.10.0-10-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'usb-modules-5.10.0-10-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'usb-modules-5.10.0-10-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'usb-modules-5.10.0-13-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'usb-modules-5.10.0-13-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'usb-modules-5.10.0-13-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'usb-modules-5.10.0-13-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'usb-modules-5.10.0-13-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'usb-modules-5.10.0-13-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'usb-modules-5.10.0-13-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'usb-serial-modules-5.10.0-10-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'usb-serial-modules-5.10.0-10-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'usb-serial-modules-5.10.0-10-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'usb-serial-modules-5.10.0-10-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'usb-serial-modules-5.10.0-10-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'usb-serial-modules-5.10.0-10-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'usb-serial-modules-5.10.0-10-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'usb-serial-modules-5.10.0-13-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'usb-serial-modules-5.10.0-13-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'usb-serial-modules-5.10.0-13-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'usb-serial-modules-5.10.0-13-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'usb-serial-modules-5.10.0-13-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'usb-serial-modules-5.10.0-13-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'usb-serial-modules-5.10.0-13-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'usb-storage-modules-5.10.0-10-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'usb-storage-modules-5.10.0-10-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'usb-storage-modules-5.10.0-10-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'usb-storage-modules-5.10.0-10-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'usb-storage-modules-5.10.0-10-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'usb-storage-modules-5.10.0-10-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'usb-storage-modules-5.10.0-10-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'usb-storage-modules-5.10.0-13-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'usb-storage-modules-5.10.0-13-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'usb-storage-modules-5.10.0-13-armmp-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'usb-storage-modules-5.10.0-13-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'usb-storage-modules-5.10.0-13-marvell-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'usb-storage-modules-5.10.0-13-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'usb-storage-modules-5.10.0-13-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'usbip', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'xfs-modules-5.10.0-10-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'xfs-modules-5.10.0-10-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'xfs-modules-5.10.0-10-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'xfs-modules-5.10.0-10-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'xfs-modules-5.10.0-10-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'xfs-modules-5.10.0-10-s390x-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'xfs-modules-5.10.0-13-4kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'xfs-modules-5.10.0-13-5kc-malta-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'xfs-modules-5.10.0-13-loongson-3-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'xfs-modules-5.10.0-13-octeon-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'xfs-modules-5.10.0-13-powerpc64le-di', 'reference': '5.10.113-1'},\n {'release': '11.0', 'prefix': 'xfs-modules-5.10.0-13-s390x-di', 'reference': '5.10.113-1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (release && prefix && reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'affs-modules-5.10.0-10-4kc-malta-di / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:33:33", "description": "The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5541-1 advisory.\n\n - An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1 versions of control groups. A local user could use this flaw to crash the system or escalate their privileges on the system. (CVE-2021-4197)\n\n - A use-after-free flaw was found in the Linux kernel's FUSE filesystem in the way a user triggers write().\n This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation. (CVE-2022-1011)\n\n - A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information. (CVE-2022-1353)\n\n - A NULL pointer dereference flaw was found in the Linux kernel's X.25 set of standardized network protocols functionality in the way a user terminates their session using a simulated Ethernet card and continued usage of this connection. This flaw allows a local user to crash the system. (CVE-2022-1516)\n\n - The Linux kernel was found vulnerable out of bounds memory access in the drivers/video/fbdev/sm712fb.c:smtcfb_read() function. The vulnerability could result in local attackers being able to crash the kernel. (CVE-2022-2380)\n\n - usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double free. (CVE-2022-28388)\n\n - mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free. (CVE-2022-28389)\n\n - No description is available for this CVE. (CVE-2022-1198)\n\n - kernel: Null pointer dereference and use after free in ax25_release() (CVE-2022-1199)\n\n - A use-after-free flaw was found in the Linux kernel's Amateur Radio AX.25 protocol functionality in the way a user connects with the protocol. This flaw allows a local user to crash the system. (CVE-2022-1204)\n\n - A NULL pointer dereference flaw was found in the Linux kernel's Amateur Radio AX.25 protocol functionality in the way a user connects with the protocol. This flaw allows a local user to crash the system.\n (CVE-2022-1205)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-07-29T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 ESM : Linux kernel (Azure) vulnerabilities (USN-5541-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4197", "CVE-2022-1011", "CVE-2022-1198", "CVE-2022-1199", "CVE-2022-1204", "CVE-2022-1205", "CVE-2022-1353", "CVE-2022-1516", "CVE-2022-2380", "CVE-2022-28388", "CVE-2022-28389"], "modified": "2023-03-23T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:16.04:-:esm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1146-azure", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azure"], "id": "UBUNTU_USN-5541-1.NASL", "href": "https://www.tenable.com/plugins/nessus/163545", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5541-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163545);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/23\");\n\n script_cve_id(\n \"CVE-2021-4197\",\n \"CVE-2022-1011\",\n \"CVE-2022-1198\",\n \"CVE-2022-1199\",\n \"CVE-2022-1204\",\n \"CVE-2022-1205\",\n \"CVE-2022-1353\",\n \"CVE-2022-1516\",\n \"CVE-2022-2380\",\n \"CVE-2022-28388\",\n \"CVE-2022-28389\"\n );\n script_xref(name:\"USN\", value:\"5541-1\");\n\n script_name(english:\"Ubuntu 16.04 ESM : Linux kernel (Azure) vulnerabilities (USN-5541-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in\nthe USN-5541-1 advisory.\n\n - An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces\n subsystem was found in the way users have access to some less privileged process that are controlled by\n cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1 versions of\n control groups. A local user could use this flaw to crash the system or escalate their privileges on the\n system. (CVE-2021-4197)\n\n - A use-after-free flaw was found in the Linux kernel's FUSE filesystem in the way a user triggers write().\n This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in\n privilege escalation. (CVE-2022-1011)\n\n - A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This\n flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a\n leak of internal kernel information. (CVE-2022-1353)\n\n - A NULL pointer dereference flaw was found in the Linux kernel's X.25 set of standardized network protocols\n functionality in the way a user terminates their session using a simulated Ethernet card and continued\n usage of this connection. This flaw allows a local user to crash the system. (CVE-2022-1516)\n\n - The Linux kernel was found vulnerable out of bounds memory access in the\n drivers/video/fbdev/sm712fb.c:smtcfb_read() function. The vulnerability could result in local attackers\n being able to crash the kernel. (CVE-2022-2380)\n\n - usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double\n free. (CVE-2022-28388)\n\n - mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double\n free. (CVE-2022-28389)\n\n - No description is available for this CVE. (CVE-2022-1198)\n\n - kernel: Null pointer dereference and use after free in ax25_release() (CVE-2022-1199)\n\n - A use-after-free flaw was found in the Linux kernel's Amateur Radio AX.25 protocol functionality in the\n way a user connects with the protocol. This flaw allows a local user to crash the system. (CVE-2022-1204)\n\n - A NULL pointer dereference flaw was found in the Linux kernel's Amateur Radio AX.25 protocol functionality\n in the way a user connects with the protocol. This flaw allows a local user to crash the system.\n (CVE-2022-1205)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5541-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4197\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-28389\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04:-:esm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1146-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azure\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2022-2023 Canonical, Inc. / NASL script (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\ninclude('ksplice.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nvar release = chomp(release);\nif (! preg(pattern:\"^(16\\.04)$\", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 16.04', 'Ubuntu ' + release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar machine_kernel_release = get_kb_item_or_exit('Host/uname-r');\nif (machine_kernel_release)\n{\n if (! preg(pattern:\"^(4.15.0-\\d{4}-azure)$\", string:machine_kernel_release)) audit(AUDIT_INST_VER_NOT_VULN, 'kernel ' + machine_kernel_release);\n var extra = '';\n var kernel_mappings = {\n \"4.15.0-\\d{4}-azure\" : \"4.15.0-1146\"\n };\n var trimmed_kernel_release = ereg_replace(string:machine_kernel_release, pattern:\"(-\\D+)$\", replace:'');\n foreach var kernel_regex (keys(kernel_mappings)) {\n if (preg(pattern:kernel_regex, string:machine_kernel_release)) {\n if (deb_ver_cmp(ver1:trimmed_kernel_release, ver2:kernel_mappings[kernel_regex]) < 0)\n {\n extra = extra + 'Running Kernel level of ' + trimmed_kernel_release + ' does not meet the minimum fixed level of ' + kernel_mappings[kernel_regex] + ' for this advisory.\\n\\n';\n }\n else\n {\n audit(AUDIT_PATCH_INSTALLED, 'Kernel package for USN-5541-1');\n }\n }\n }\n}\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n var cve_list = make_list('CVE-2021-4197', 'CVE-2022-1011', 'CVE-2022-1198', 'CVE-2022-1199', 'CVE-2022-1204', 'CVE-2022-1205', 'CVE-2022-1353', 'CVE-2022-1516', 'CVE-2022-2380', 'CVE-2022-28388', 'CVE-2022-28389');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for USN-5541-1');\n }\n else\n {\n extra = extra + ksplice_reporting_text();\n }\n}\nif (extra) {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-11T14:37:35", "description": "The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5416-1 advisory.\n\n - ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.\n (CVE-2022-28390)\n\n - A flaw was found in KVM. When updating a guest's page table entry, vm_pgoff was improperly used as the offset to get the page's pfn. As vaddr and vm_pgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace region and potentially corrupt the kernel, resulting in a denial of service condition. (CVE-2022-1158)\n\n - A NULL pointer dereference flaw was found in the Linux kernel's X.25 set of standardized network protocols functionality in the way a user terminates their session using a simulated Ethernet card and continued usage of this connection. This flaw allows a local user to crash the system. (CVE-2022-1516)\n\n - usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double free. (CVE-2022-28388)\n\n - mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free. (CVE-2022-28389)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-05-12T00:00:00", "type": "nessus", "title": "Ubuntu 20.04 LTS : Linux kernel (OEM) vulnerabilities (USN-5416-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1158", "CVE-2022-1516", "CVE-2022-28388", "CVE-2022-28389", "CVE-2022-28390"], "modified": "2023-07-10T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.14.0-1036-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.14.0-1036-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem-20.04b", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem-20.04c", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem-20.04d", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.14.0-1036-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-20.04b", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-20.04c", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-20.04d", "p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.14.0-1036-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.14.0-1036-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-oem-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-oem-20.04b", "p-cpe:/a:canonical:ubuntu_linux:linux-oem-20.04c", "p-cpe:/a:canonical:ubuntu_linux:linux-oem-20.04d", "p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.14-headers-5.14.0-1036", "p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.14-tools-5.14.0-1036", "p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.14-tools-host", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.14.0-1036-oem", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem-20.04", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem-20.04b", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem-20.04c", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem-20.04d"], "id": "UBUNTU_USN-5416-1.NASL", "href": "https://www.tenable.com/plugins/nessus/161062", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5416-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(161062);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/10\");\n\n script_cve_id(\n \"CVE-2022-1158\",\n \"CVE-2022-1516\",\n \"CVE-2022-28388\",\n \"CVE-2022-28389\",\n \"CVE-2022-28390\"\n );\n script_xref(name:\"USN\", value:\"5416-1\");\n\n script_name(english:\"Ubuntu 20.04 LTS : Linux kernel (OEM) vulnerabilities (USN-5416-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe USN-5416-1 advisory.\n\n - ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.\n (CVE-2022-28390)\n\n - A flaw was found in KVM. When updating a guest's page table entry, vm_pgoff was improperly used as the\n offset to get the page's pfn. As vaddr and vm_pgoff are controllable by user-mode processes, this flaw\n allows unprivileged local users on the host to write outside the userspace region and potentially corrupt\n the kernel, resulting in a denial of service condition. (CVE-2022-1158)\n\n - A NULL pointer dereference flaw was found in the Linux kernel's X.25 set of standardized network protocols\n functionality in the way a user terminates their session using a simulated Ethernet card and continued\n usage of this connection. This flaw allows a local user to crash the system. (CVE-2022-1516)\n\n - usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double\n free. (CVE-2022-28388)\n\n - mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double\n free. (CVE-2022-28389)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5416-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-28390\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/04/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-buildinfo-5.14.0-1036-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-5.14.0-1036-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem-20.04b\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem-20.04c\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-oem-20.04d\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.14.0-1036-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-20.04b\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-20.04c\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oem-20.04d\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-unsigned-5.14.0-1036-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-modules-5.14.0-1036-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem-20.04b\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem-20.04c\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem-20.04d\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.14-headers-5.14.0-1036\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.14-tools-5.14.0-1036\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.14-tools-host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-5.14.0-1036-oem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem-20.04\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem-20.04b\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem-20.04c\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-oem-20.04d\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2022-2023 Canonical, Inc. / NASL script (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nos_release = chomp(os_release);\nif (! ('20.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 20.04', 'Ubuntu ' + os_release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar pkgs = [\n {'osver': '20.04', 'pkgname': 'linux-buildinfo-5.14.0-1036-oem', 'pkgver': '5.14.0-1036.40'},\n {'osver': '20.04', 'pkgname': 'linux-headers-5.14.0-1036-oem', 'pkgver': '5.14.0-1036.40'},\n {'osver': '20.04', 'pkgname': 'linux-headers-oem-20.04', 'pkgver': '5.14.0.1036.33'},\n {'osver': '20.04', 'pkgname': 'linux-headers-oem-20.04b', 'pkgver': '5.14.0.1036.33'},\n {'osver': '20.04', 'pkgname': 'linux-headers-oem-20.04c', 'pkgver': '5.14.0.1036.33'},\n {'osver': '20.04', 'pkgname': 'linux-headers-oem-20.04d', 'pkgver': '5.14.0.1036.33'},\n {'osver': '20.04', 'pkgname': 'linux-image-5.14.0-1036-oem', 'pkgver': '5.14.0-1036.40'},\n {'osver': '20.04', 'pkgname': 'linux-image-oem-20.04', 'pkgver': '5.14.0.1036.33'},\n {'osver': '20.04', 'pkgname': 'linux-image-oem-20.04b', 'pkgver': '5.14.0.1036.33'},\n {'osver': '20.04', 'pkgname': 'linux-image-oem-20.04c', 'pkgver': '5.14.0.1036.33'},\n {'osver': '20.04', 'pkgname': 'linux-image-oem-20.04d', 'pkgver': '5.14.0.1036.33'},\n {'osver': '20.04', 'pkgname': 'linux-image-unsigned-5.14.0-1036-oem', 'pkgver': '5.14.0-1036.40'},\n {'osver': '20.04', 'pkgname': 'linux-modules-5.14.0-1036-oem', 'pkgver': '5.14.0-1036.40'},\n {'osver': '20.04', 'pkgname': 'linux-oem-20.04', 'pkgver': '5.14.0.1036.33'},\n {'osver': '20.04', 'pkgname': 'linux-oem-20.04b', 'pkgver': '5.14.0.1036.33'},\n {'osver': '20.04', 'pkgname': 'linux-oem-20.04c', 'pkgver': '5.14.0.1036.33'},\n {'osver': '20.04', 'pkgname': 'linux-oem-20.04d', 'pkgver': '5.14.0.1036.33'},\n {'osver': '20.04', 'pkgname': 'linux-oem-5.14-headers-5.14.0-1036', 'pkgver': '5.14.0-1036.40'},\n {'osver': '20.04', 'pkgname': 'linux-oem-5.14-tools-5.14.0-1036', 'pkgver': '5.14.0-1036.40'},\n {'osver': '20.04', 'pkgname': 'linux-oem-5.14-tools-host', 'pkgver': '5.14.0-1036.40'},\n {'osver': '20.04', 'pkgname': 'linux-tools-5.14.0-1036-oem', 'pkgver': '5.14.0-1036.40'},\n {'osver': '20.04', 'pkgname': 'linux-tools-oem-20.04', 'pkgver': '5.14.0.1036.33'},\n {'osver': '20.04', 'pkgname': 'linux-tools-oem-20.04b', 'pkgver': '5.14.0.1036.33'},\n {'osver': '20.04', 'pkgname': 'linux-tools-oem-20.04c', 'pkgver': '5.14.0.1036.33'},\n {'osver': '20.04', 'pkgname': 'linux-tools-oem-20.04d', 'pkgver': '5.14.0.1036.33'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'linux-buildinfo-5.14.0-1036-oem / linux-headers-5.14.0-1036-oem / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T18:30:39", "description": "The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5469-1 advisory.\n\n - A use-after-free flaw was found in the Linux kernel's sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM for other ioctls. This flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2022-1048)\n\n - A use-after-free vulnerability was found in the Linux kernel in drivers/net/hamradio. This flaw allows a local attacker with a user privilege to cause a denial of service (DOS) when the mkiss or sixpack device is detached and reclaim resources early. (CVE-2022-1195)\n\n - A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information. (CVE-2022-1353)\n\n - A NULL pointer dereference flaw was found in the Linux kernel's X.25 set of standardized network protocols functionality in the way a user terminates their session using a simulated Ethernet card and continued usage of this connection. This flaw allows a local user to crash the system. (CVE-2022-1516)\n\n - A use-after-free vulnerability was found in the Linux kernel's Netfilter subsystem in net/netfilter/nf_tables_api.c. This flaw allows a local attacker with user access to cause a privilege escalation issue. (CVE-2022-1966)\n\n - In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c. (CVE-2022-28356)\n\n - usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double free. (CVE-2022-28388)\n\n - mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free. (CVE-2022-28389)\n\n - ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.\n (CVE-2022-28390)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-06-08T00:00:00", "type": "nessus", "title": "Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-5469-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-0168", "CVE-2022-1048", "CVE-2022-1158", "CVE-2022-1195", "CVE-2022-1198", "CVE-2022-1199", "CVE-2022-1204", "CVE-2022-1205", "CVE-2022-1263", "CVE-2022-1353", "CVE-2022-1516", "CVE-2022-1651", "CVE-2022-1671", "CVE-2022-1966", "CVE-2022-1972", "CVE-2022-21499", "CVE-2022-28356", "CVE-2022-28388", "CVE-2022-28389", "CVE-2022-28390"], "modified": "2023-01-17T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:22.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-1007-ibm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-1008-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-1009-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-1010-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-1011-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-1011-raspi-nolpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-37-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-37-generic-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-37-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-37-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-37-lowlatency-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-ibm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-64k", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi-nolpae"], "id": "UBUNTU_USN-5469-1.NASL", "href": "https://www.tenable.com/plugins/nessus/161955", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5469-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(161955);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/17\");\n\n script_cve_id(\n \"CVE-2022-0168\",\n \"CVE-2022-1048\",\n \"CVE-2022-1158\",\n \"CVE-2022-1195\",\n \"CVE-2022-1198\",\n \"CVE-2022-1199\",\n \"CVE-2022-1204\",\n \"CVE-2022-1205\",\n \"CVE-2022-1263\",\n \"CVE-2022-1353\",\n \"CVE-2022-1516\",\n \"CVE-2022-1651\",\n \"CVE-2022-1671\",\n \"CVE-2022-1966\",\n \"CVE-2022-1972\",\n \"CVE-2022-21499\",\n \"CVE-2022-28356\",\n \"CVE-2022-28388\",\n \"CVE-2022-28389\",\n \"CVE-2022-28390\"\n );\n script_xref(name:\"USN\", value:\"5469-1\");\n\n script_name(english:\"Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-5469-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in\nthe USN-5469-1 advisory.\n\n - A use-after-free flaw was found in the Linux kernel's sound subsystem in the way a user triggers\n concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM\n for other ioctls. This flaw allows a local user to crash or potentially escalate their privileges on the\n system. (CVE-2022-1048)\n\n - A use-after-free vulnerability was found in the Linux kernel in drivers/net/hamradio. This flaw allows a\n local attacker with a user privilege to cause a denial of service (DOS) when the mkiss or sixpack device\n is detached and reclaim resources early. (CVE-2022-1195)\n\n - A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This\n flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a\n leak of internal kernel information. (CVE-2022-1353)\n\n - A NULL pointer dereference flaw was found in the Linux kernel's X.25 set of standardized network protocols\n functionality in the way a user terminates their session using a simulated Ethernet card and continued\n usage of this connection. This flaw allows a local user to crash the system. (CVE-2022-1516)\n\n - A use-after-free vulnerability was found in the Linux kernel's Netfilter subsystem in\n net/netfilter/nf_tables_api.c. This flaw allows a local attacker with user access to cause a privilege\n escalation issue. (CVE-2022-1966)\n\n - In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c. (CVE-2022-28356)\n\n - usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double\n free. (CVE-2022-28388)\n\n - mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double\n free. (CVE-2022-28389)\n\n - ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.\n (CVE-2022-28390)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5469-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-1966\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-28390\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/04/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/06/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/06/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:22.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-1007-ibm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-1008-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-1009-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-1010-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-1011-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-1011-raspi-nolpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-37-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-37-generic-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-37-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-37-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.15.0-37-lowlatency-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-ibm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency-64k\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi-nolpae\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2022-2023 Canonical, Inc. / NASL script (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\ninclude('ksplice.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nvar release = chomp(release);\nif (! preg(pattern:\"^(22\\.04)$\", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 22.04', 'Ubuntu ' + release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar machine_kernel_release = get_kb_item_or_exit('Host/uname-r');\nif (machine_kernel_release)\n{\n if (! preg(pattern:\"^(5.15.0-\\d{2}-(generic|generic-64k|generic-lpae|lowlatency|lowlatency-64k)|5.15.0-\\d{4}-(gcp|ibm|kvm|oracle|raspi|raspi-nolpae))$\", string:machine_kernel_release)) audit(AUDIT_INST_VER_NOT_VULN, 'kernel ' + machine_kernel_release);\n var extra = '';\n var kernel_mappings = {\n \"5.15.0-\\d{2}-(generic|generic-64k|generic-lpae|lowlatency|lowlatency-64k)\" : \"5.15.0-37\",\n \"5.15.0-\\d{4}-(raspi|raspi-nolpae)\" : \"5.15.0-1011\",\n \"5.15.0-\\d{4}-gcp\" : \"5.15.0-1008\",\n \"5.15.0-\\d{4}-ibm\" : \"5.15.0-1007\",\n \"5.15.0-\\d{4}-kvm\" : \"5.15.0-1010\",\n \"5.15.0-\\d{4}-oracle\" : \"5.15.0-1009\"\n };\n var trimmed_kernel_release = ereg_replace(string:machine_kernel_release, pattern:\"(-\\D+)$\", replace:'');\n foreach var kernel_regex (keys(kernel_mappings)) {\n if (preg(pattern:kernel_regex, string:machine_kernel_release)) {\n if (deb_ver_cmp(ver1:trimmed_kernel_release, ver2:kernel_mappings[kernel_regex]) < 0)\n {\n extra = extra + 'Running Kernel level of ' + trimmed_kernel_release + ' does not meet the minimum fixed level of ' + kernel_mappings[kernel_regex] + ' for this advisory.\\n\\n';\n }\n else\n {\n audit(AUDIT_PATCH_INSTALLED, 'Kernel package for USN-5469-1');\n }\n }\n }\n}\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n var cve_list = make_list('CVE-2022-0168', 'CVE-2022-1048', 'CVE-2022-1158', 'CVE-2022-1195', 'CVE-2022-1198', 'CVE-2022-1199', 'CVE-2022-1204', 'CVE-2022-1205', 'CVE-2022-1263', 'CVE-2022-1353', 'CVE-2022-1516', 'CVE-2022-1651', 'CVE-2022-1671', 'CVE-2022-1966', 'CVE-2022-1972', 'CVE-2022-21499', 'CVE-2022-28356', 'CVE-2022-28388', 'CVE-2022-28389', 'CVE-2022-28390');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for USN-5469-1');\n }\n else\n {\n extra = extra + ksplice_reporting_text();\n }\n}\nif (extra) {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:31:46", "description": "The remote Ubuntu 16.04 ESM / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5515-1 advisory.\n\n - An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1 versions of control groups. A local user could use this flaw to crash the system or escalate their privileges on the system. (CVE-2021-4197)\n\n - A use-after-free flaw was found in the Linux kernel's FUSE filesystem in the way a user triggers write().\n This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation. (CVE-2022-1011)\n\n - A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information. (CVE-2022-1353)\n\n - A NULL pointer dereference flaw was found in the Linux kernel's X.25 set of standardized network protocols functionality in the way a user terminates their session using a simulated Ethernet card and continued usage of this connection. This flaw allows a local user to crash the system. (CVE-2022-1516)\n\n - The Linux kernel was found vulnerable out of bounds memory access in the drivers/video/fbdev/sm712fb.c:smtcfb_read() function. The vulnerability could result in local attackers being able to crash the kernel. (CVE-2022-2380)\n\n - mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free. (CVE-2022-28389)\n\n - No description is available for this CVE. (CVE-2022-1198)\n\n - kernel: Null pointer dereference and use after free in ax25_release() (CVE-2022-1199)\n\n - A use-after-free flaw was found in the Linux kernel's Amateur Radio AX.25 protocol functionality in the way a user connects with the protocol. This flaw allows a local user to crash the system. (CVE-2022-1204)\n\n - A NULL pointer dereference flaw was found in the Linux kernel's Amateur Radio AX.25 protocol functionality in the way a user connects with the protocol. This flaw allows a local user to crash the system.\n (CVE-2022-1205)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-07-14T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 ESM / 18.04 LTS : Linux kernel vulnerabilities (USN-5515-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4197", "CVE-2022-1011", "CVE-2022-1198", "CVE-2022-1199", "CVE-2022-1204", "CVE-2022-1205", "CVE-2022-1353", "CVE-2022-1516", "CVE-2022-2380", "CVE-2022-28389"], "modified": "2023-03-23T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:16.04:-:esm", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1049-dell300x", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1102-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1115-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1123-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1131-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1133-snapdragon", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1137-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1137-aws-hwe", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-189-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-189-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws-hwe", "p-cpe:/a:canonical:ubuntu_linux:linux-image-dell300x", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle", "p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon"], "id": "UBUNTU_USN-5515-1.NASL", "href": "https://www.tenable.com/plugins/nessus/163111", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5515-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163111);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/23\");\n\n script_cve_id(\n \"CVE-2021-4197\",\n \"CVE-2022-1011\",\n \"CVE-2022-1198\",\n \"CVE-2022-1199\",\n \"CVE-2022-1204\",\n \"CVE-2022-1205\",\n \"CVE-2022-1353\",\n \"CVE-2022-1516\",\n \"CVE-2022-2380\",\n \"CVE-2022-28389\"\n );\n script_xref(name:\"USN\", value:\"5515-1\");\n\n script_name(english:\"Ubuntu 16.04 ESM / 18.04 LTS : Linux kernel vulnerabilities (USN-5515-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 16.04 ESM / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the USN-5515-1 advisory.\n\n - An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces\n subsystem was found in the way users have access to some less privileged process that are controlled by\n cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1 versions of\n control groups. A local user could use this flaw to crash the system or escalate their privileges on the\n system. (CVE-2021-4197)\n\n - A use-after-free flaw was found in the Linux kernel's FUSE filesystem in the way a user triggers write().\n This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in\n privilege escalation. (CVE-2022-1011)\n\n - A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This\n flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a\n leak of internal kernel information. (CVE-2022-1353)\n\n - A NULL pointer dereference flaw was found in the Linux kernel's X.25 set of standardized network protocols\n functionality in the way a user terminates their session using a simulated Ethernet card and continued\n usage of this connection. This flaw allows a local user to crash the system. (CVE-2022-1516)\n\n - The Linux kernel was found vulnerable out of bounds memory access in the\n drivers/video/fbdev/sm712fb.c:smtcfb_read() function. The vulnerability could result in local attackers\n being able to crash the kernel. (CVE-2022-2380)\n\n - mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double\n free. (CVE-2022-28389)\n\n - No description is available for this CVE. (CVE-2022-1198)\n\n - kernel: Null pointer dereference and use after free in ax25_release() (CVE-2022-1199)\n\n - A use-after-free flaw was found in the Linux kernel's Amateur Radio AX.25 protocol functionality in the\n way a user connects with the protocol. This flaw allows a local user to crash the system. (CVE-2022-1204)\n\n - A NULL pointer dereference flaw was found in the Linux kernel's Amateur Radio AX.25 protocol functionality\n in the way a user connects with the protocol. This flaw allows a local user to crash the system.\n (CVE-2022-1205)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5515-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-4197\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-28389\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04:-:esm\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1049-dell300x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1102-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1115-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1123-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1131-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1133-snapdragon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1137-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-1137-aws-hwe\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-189-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.15.0-189-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws-hwe\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-dell300x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-oracle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-snapdragon\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2022-2023 Canonical, Inc. / NASL script (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\ninclude('ksplice.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nvar release = chomp(release);\nif (! preg(pattern:\"^(16\\.04|18\\.04)$\", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 16.04 / 18.04', 'Ubuntu ' + release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar machine_kernel_release = get_kb_item_or_exit('Host/uname-r');\nif (machine_kernel_release)\n{\n if (! preg(pattern:\"^(4.15.0-\\d{3}-(generic|lowlatency)|4.15.0-\\d{4}-(aws|aws-hwe|dell300x|gcp|kvm|oracle|raspi2|snapdragon))$\", string:machine_kernel_release)) audit(AUDIT_INST_VER_NOT_VULN, 'kernel ' + machine_kernel_release);\n var extra = '';\n var kernel_mappings = {\n \"4.15.0-\\d{3}-(generic|lowlatency)\" : \"4.15.0-189\",\n \"4.15.0-\\d{4}-(aws|aws-hwe)\" : \"4.15.0-1137\",\n \"4.15.0-\\d{4}-dell300x\" : \"4.15.0-1049\",\n \"4.15.0-\\d{4}-gcp\" : \"4.15.0-1131\",\n \"4.15.0-\\d{4}-kvm\" : \"4.15.0-1123\",\n \"4.15.0-\\d{4}-oracle\" : \"4.15.0-1102\",\n \"4.15.0-\\d{4}-raspi2\" : \"4.15.0-1115\",\n \"4.15.0-\\d{4}-snapdragon\" : \"4.15.0-1133\"\n };\n var trimmed_kernel_release = ereg_replace(string:machine_kernel_release, pattern:\"(-\\D+)$\", replace:'');\n foreach var kernel_regex (keys(kernel_mappings)) {\n if (preg(pattern:kernel_regex, string:machine_kernel_release)) {\n if (deb_ver_cmp(ver1:trimmed_kernel_release, ver2:kernel_mappings[kernel_regex]) < 0)\n {\n extra = extra + 'Running Kernel level of ' + trimmed_kernel_release + ' does not meet the minimum fixed level of ' + kernel_mappings[kernel_regex] + ' for this advisory.\\n\\n';\n }\n else\n {\n audit(AUDIT_PATCH_INSTALLED, 'Kernel package for USN-5515-1');\n }\n }\n }\n}\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n var cve_list = make_list('CVE-2021-4197', 'CVE-2022-1011', 'CVE-2022-1198', 'CVE-2022-1199', 'CVE-2022-1204', 'CVE-2022-1205', 'CVE-2022-1353', 'CVE-2022-1516', 'CVE-2022-2380', 'CVE-2022-28389');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for USN-5515-1');\n }\n else\n {\n extra = extra + ksplice_reporting_text();\n }\n}\nif (extra) {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-15T14:44:32", "description": "The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1183-1 advisory.\n\n - In the Linux kernel before 5.15.3, fs/quota/quota_tree.c does not validate the block number in the quota tree (on disk). This can, for example, lead to a kernel/locking/rwsem.c use-after-free if there is a corrupted quota file. (CVE-2021-45868)\n\n - A vulnerability was found in linux kernel, where an information leak occurs via ext4_extent_header to userspace. (CVE-2022-0850)\n\n - A memory leak flaw was found in the Linux kernel's DMA subsystem, in the way a user calls DMA_FROM_DEVICE.\n This flaw allows a local user to read random memory from the kernel space. (CVE-2022-0854)\n\n - A use-after-free flaw was found in the Linux kernel's FUSE filesystem in the way a user triggers write().\n This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation. (CVE-2022-1011)\n\n - A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker. (CVE-2022-1016)\n\n - A use-after-free flaw was found in the Linux kernel's sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM for other ioctls. This flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2022-1048)\n\n - A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. The exploit requires unprivileged user namespaces. We recommend upgrading past commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5 (CVE-2022-1055)\n\n - A use-after-free vulnerability was found in the Linux kernel in drivers/net/hamradio. This flaw allows a local attacker with a user privilege to cause a denial of service (DOS) when the mkiss or sixpack device is detached and reclaim resources early. (CVE-2022-1195)\n\n - A use-after-free vulnerabilitity was discovered in drivers/net/hamradio/6pack.c of linux that allows an attacker to crash linux kernel by simulating ax25 device using 6pack driver from user space.\n (CVE-2022-1198)\n\n - A flaw was found in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simulating amateur radio from the user space, resulting in a null-ptr-deref vulnerability and a use-after-free vulnerability. (CVE-2022-1199)\n\n - A NULL pointer dereference flaw was found in the Linux kernel's Amateur Radio AX.25 protocol functionality in the way a user connects with the protocol. This flaw allows a local user to crash the system.\n (CVE-2022-1205)\n\n - A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat. (CVE-2022-27666)\n\n - usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double free. (CVE-2022-28388)\n\n - mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free. (CVE-2022-28389)\n\n - ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.\n (CVE-2022-28390)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-04-14T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2022:1183-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-45868", "CVE-2022-0850", "CVE-2022-0854", "CVE-2022-1011", "CVE-2022-1016", "CVE-2022-1048", "CVE-2022-1055", "CVE-2022-1195", "CVE-2022-1198", "CVE-2022-1199", "CVE-2022-1205", "CVE-2022-27666", "CVE-2022-28388", "CVE-2022-28389", "CVE-2022-28390"], "modified": "2023-07-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-default-base", "p-cpe:/a:novell:suse_linux:kernel-default-devel", "p-cpe:/a:novell:suse_linux:kernel-default-extra", "p-cpe:/a:novell:suse_linux:kernel-default-livepatch", "p-cpe:/a:novell:suse_linux:kernel-default-livepatch-devel", "p-cpe:/a:novell:suse_linux:kernel-devel", "p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-150300_59_63-default", "p-cpe:/a:novell:suse_linux:kernel-macros", "p-cpe:/a:novell:suse_linux:kernel-obs-build", "p-cpe:/a:novell:suse_linux:kernel-preempt", "p-cpe:/a:novell:suse_linux:kernel-preempt-devel", "p-cpe:/a:novell:suse_linux:kernel-preempt-extra", "p-cpe:/a:novell:suse_linux:kernel-source", "p-cpe:/a:novell:suse_linux:kernel-syms", "p-cpe:/a:novell:suse_linux:kernel-zfcpdump", "p-cpe:/a:novell:suse_linux:ocfs2-kmp-default", "p-cpe:/a:novell:suse_linux:reiserfs-kmp-default", "cpe:/o:novell:suse_linux:15", "p-cpe:/a:novell:suse_linux:cluster-md-kmp-default", "p-cpe:/a:novell:suse_linux:dlm-kmp-default", "p-cpe:/a:novell:suse_linux:gfs2-kmp-default", "p-cpe:/a:novell:suse_linux:kernel-64kb", "p-cpe:/a:novell:suse_linux:kernel-64kb-devel", "p-cpe:/a:novell:suse_linux:kernel-default"], "id": "SUSE_SU-2022-1183-1.NASL", "href": "https://www.tenable.com/plugins/nessus/159739", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:1183-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(159739);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/13\");\n\n script_cve_id(\n \"CVE-2021-45868\",\n \"CVE-2022-0850\",\n \"CVE-2022-0854\",\n \"CVE-2022-1011\",\n \"CVE-2022-1016\",\n \"CVE-2022-1048\",\n \"CVE-2022-1055\",\n \"CVE-2022-1195\",\n \"CVE-2022-1198\",\n \"CVE-2022-1199\",\n \"CVE-2022-1205\",\n \"CVE-2022-27666\",\n \"CVE-2022-28388\",\n \"CVE-2022-28389\",\n \"CVE-2022-28390\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:1183-1\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2022:1183-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by\nmultiple vulnerabilities as referenced in the SUSE-SU-2022:1183-1 advisory.\n\n - In the Linux kernel before 5.15.3, fs/quota/quota_tree.c does not validate the block number in the quota\n tree (on disk). This can, for example, lead to a kernel/locking/rwsem.c use-after-free if there is a\n corrupted quota file. (CVE-2021-45868)\n\n - A vulnerability was found in linux kernel, where an information leak occurs via ext4_extent_header to\n userspace. (CVE-2022-0850)\n\n - A memory leak flaw was found in the Linux kernel's DMA subsystem, in the way a user calls DMA_FROM_DEVICE.\n This flaw allows a local user to read random memory from the kernel space. (CVE-2022-0854)\n\n - A use-after-free flaw was found in the Linux kernel's FUSE filesystem in the way a user triggers write().\n This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in\n privilege escalation. (CVE-2022-1011)\n\n - A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a\n use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel\n information leak problem caused by a local, unprivileged attacker. (CVE-2022-1016)\n\n - A use-after-free flaw was found in the Linux kernel's sound subsystem in the way a user triggers\n concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM\n for other ioctls. This flaw allows a local user to crash or potentially escalate their privileges on the\n system. (CVE-2022-1048)\n\n - A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain\n privilege escalation. The exploit requires unprivileged user namespaces. We recommend upgrading past\n commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5 (CVE-2022-1055)\n\n - A use-after-free vulnerability was found in the Linux kernel in drivers/net/hamradio. This flaw allows a\n local attacker with a user privilege to cause a denial of service (DOS) when the mkiss or sixpack device\n is detached and reclaim resources early. (CVE-2022-1195)\n\n - A use-after-free vulnerabilitity was discovered in drivers/net/hamradio/6pack.c of linux that allows an\n attacker to crash linux kernel by simulating ax25 device using 6pack driver from user space.\n (CVE-2022-1198)\n\n - A flaw was found in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simulating\n amateur radio from the user space, resulting in a null-ptr-deref vulnerability and a use-after-free\n vulnerability. (CVE-2022-1199)\n\n - A NULL pointer dereference flaw was found in the Linux kernel's Amateur Radio AX.25 protocol functionality\n in the way a user connects with the protocol. This flaw allows a local user to crash the system.\n (CVE-2022-1205)\n\n - A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and\n net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap\n objects and may cause a local privilege escalation threat. (CVE-2022-27666)\n\n - usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double\n free. (CVE-2022-28388)\n\n - mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double\n free. (CVE-2022-28389)\n\n - ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.\n (CVE-2022-28390)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1065729\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1156395\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1175667\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1177028\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1178134\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1179639\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1180153\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1189562\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194649\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1195640\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1195926\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1196018\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1196196\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1196478\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1196761\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1196823\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197227\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197243\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197300\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197302\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197331\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197343\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197366\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197389\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197462\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197501\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197534\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197661\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197675\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197702\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197811\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197812\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197815\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197817\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197819\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197820\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197888\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197889\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197894\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197914\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1198027\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1198028\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1198029\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1198030\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1198031\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1198032\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1198033\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-45868\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0850\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0854\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1011\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1016\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1048\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1055\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1195\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1198\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1199\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1205\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-27666\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-28388\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-28389\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-28390\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-April/010701.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?45c03dc0\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-1048\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-28390\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/04/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/04/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:cluster-md-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dlm-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gfs2-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-64kb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-64kb-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-livepatch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-livepatch-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-150300_59_63-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-obs-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-preempt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-preempt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-preempt-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-zfcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ocfs2-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:reiserfs-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)(?:_SAP)?\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLED_SAP15|SLES15|SLES_SAP15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(3)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLED15 SP3\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLED_SAP15\" && (! preg(pattern:\"^(3)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLED_SAP15 SP3\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(3)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP3\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES_SAP15\" && (! preg(pattern:\"^(3)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES_SAP15 SP3\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'cluster-md-kmp-default-5.3.18-150300.59.63.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'dlm-kmp-default-5.3.18-150300.59.63.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'gfs2-kmp-default-5.3.18-150300.59.63.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'kernel-64kb-5.3.18-150300.59.63.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'kernel-64kb-5.3.18-150300.59.63.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'kernel-64kb-devel-5.3.18-150300.59.63.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'kernel-64kb-devel-5.3.18-150300.59.63.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'kernel-default-5.3.18-150300.59.63.1', 'sp':'3', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'kernel-default-5.3.18-150300.59.63.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1', 'sp':'3', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'kernel-default-devel-5.3.18-150300.59.63.1', 'sp':'3', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'kernel-default-devel-5.3.18-150300.59.63.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'kernel-default-extra-5.3.18-150300.59.63.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'kernel-default-extra-5.3.18-150300.59.63.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'kernel-default-livepatch-5.3.18-150300.59.63.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'kernel-default-livepatch-devel-5.3.18-150300.59.63.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'kernel-devel-5.3.18-150300.59.63.1', 'sp':'3', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'kernel-devel-5.3.18-150300.59.63.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'kernel-macros-5.3.18-150300.59.63.1', 'sp':'3', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'kernel-macros-5.3.18-150300.59.63.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'kernel-obs-build-5.3.18-150300.59.63.1', 'sp':'3', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'kernel-obs-build-5.3.18-150300.59.63.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'kernel-preempt-5.3.18-150300.59.63.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'kernel-preempt-5.3.18-150300.59.63.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'kernel-preempt-5.3.18-150300.59.63.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'kernel-preempt-5.3.18-150300.59.63.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'kernel-preempt-devel-5.3.18-150300.59.63.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'kernel-preempt-devel-5.3.18-150300.59.63.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'kernel-preempt-devel-5.3.18-150300.59.63.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'kernel-preempt-devel-5.3.18-150300.59.63.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'kernel-preempt-extra-5.3.18-150300.59.63.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'kernel-preempt-extra-5.3.18-150300.59.63.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'kernel-source-5.3.18-150300.59.63.1', 'sp':'3', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'kernel-source-5.3.18-150300.59.63.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'kernel-syms-5.3.18-150300.59.63.1', 'sp':'3', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'kernel-syms-5.3.18-150300.59.63.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'kernel-zfcpdump-5.3.18-150300.59.63.1', 'sp':'3', 'cpu':'s390x', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'kernel-zfcpdump-5.3.18-150300.59.63.1', 'sp':'3', 'cpu':'s390x', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'ocfs2-kmp-default-5.3.18-150300.59.63.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'reiserfs-kmp-default-5.3.18-150300.59.63.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'cluster-md-kmp-default-5.3.18-150300.59.63.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-ha-release-15.3', 'sles-release-15.3']},\n {'reference':'dlm-kmp-default-5.3.18-150300.59.63.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-ha-release-15.3', 'sles-release-15.3']},\n {'reference':'gfs2-kmp-default-5.3.18-150300.59.63.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-ha-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-64kb-5.3.18-150300.59.63.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-64kb-5.3.18-150300.59.63.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-64kb-devel-5.3.18-150300.59.63.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-64kb-devel-5.3.18-150300.59.63.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-default-5.3.18-150300.59.63.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-default-5.3.18-150300.59.63.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-default-devel-5.3.18-150300.59.63.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-default-devel-5.3.18-150300.59.63.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-default-livepatch-5.3.18-150300.59.63.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-live-patching-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-default-livepatch-devel-5.3.18-150300.59.63.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-live-patching-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-devel-5.3.18-150300.59.63.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-devel-5.3.18-150300.59.63.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-live-patching-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-macros-5.3.18-150300.59.63.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-macros-5.3.18-150300.59.63.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-obs-build-5.3.18-150300.59.63.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-development-tools-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-obs-build-5.3.18-150300.59.63.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-development-tools-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-preempt-5.3.18-150300.59.63.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-preempt-5.3.18-150300.59.63.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-preempt-5.3.18-150300.59.63.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-preempt-5.3.18-150300.59.63.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-preempt-devel-5.3.18-150300.59.63.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-development-tools-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-preempt-devel-5.3.18-150300.59.63.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-development-tools-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-preempt-devel-5.3.18-150300.59.63.1', 'sp':'3', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-development-tools-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-preempt-devel-5.3.18-150300.59.63.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-development-tools-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-source-5.3.18-150300.59.63.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-development-tools-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-source-5.3.18-150300.59.63.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-development-tools-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-syms-5.3.18-150300.59.63.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-development-tools-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-syms-5.3.18-150300.59.63.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-development-tools-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-zfcpdump-5.3.18-150300.59.63.1', 'sp':'3', 'cpu':'s390x', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-zfcpdump-5.3.18-150300.59.63.1', 'sp':'3', 'cpu':'s390x', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'ocfs2-kmp-default-5.3.18-150300.59.63.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-ha-release-15.3', 'sles-release-15.3']},\n {'reference':'reiserfs-kmp-default-5.3.18-150300.59.63.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-legacy-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-default-extra-5.3.18-150300.59.63.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-we-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-default-extra-5.3.18-150300.59.63.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-we-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-preempt-extra-5.3.18-150300.59.63.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-we-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-preempt-extra-5.3.18-150300.59.63.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-we-release-15.3', 'sled-release-15.3', 'sles-release-15.3']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'cluster-md-kmp-default / dlm-kmp-default / gfs2-kmp-default / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-14T15:02:49", "description": "The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1407-1 advisory.\n\n - In the Linux kernel before 5.15.3, fs/quota/quota_tree.c does not validate the block number in the quota tree (on disk). This can, for example, lead to a kernel/locking/rwsem.c use-after-free if there is a corrupted quota file. (CVE-2021-45868)\n\n - A vulnerability was found in linux kernel, where an information leak occurs via ext4_extent_header to userspace. (CVE-2022-0850)\n\n - A memory leak flaw was found in the Linux kernel's DMA subsystem, in the way a user calls DMA_FROM_DEVICE.\n This flaw allows a local user to read random memory from the kernel space. (CVE-2022-0854)\n\n - A use-after-free flaw was found in the Linux kernel's FUSE filesystem in the way a user triggers write().\n This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation. (CVE-2022-1011)\n\n - A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker. (CVE-2022-1016)\n\n - A use-after-free flaw was found in the Linux kernel's sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM for other ioctls. This flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2022-1048)\n\n - A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. The exploit requires unprivileged user namespaces. We recommend upgrading past commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5 (CVE-2022-1055)\n\n - A use-after-free vulnerability was found in the Linux kernel in drivers/net/hamradio. This flaw allows a local attacker with a user privilege to cause a denial of service (DOS) when the mkiss or sixpack device is detached and reclaim resources early. (CVE-2022-1195)\n\n - A use-after-free vulnerabilitity was discovered in drivers/net/hamradio/6pack.c of linux that allows an attacker to crash linux kernel by simulating ax25 device using 6pack driver from user space.\n (CVE-2022-1198)\n\n - A flaw was found in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simulating amateur radio from the user space, resulting in a null-ptr-deref vulnerability and a use-after-free vulnerability. (CVE-2022-1199)\n\n - A NULL pointer dereference flaw was found in the Linux kernel's Amateur Radio AX.25 protocol functionality in the way a user connects with the protocol. This flaw allows a local user to crash the system.\n (CVE-2022-1205)\n\n - A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat. (CVE-2022-27666)\n\n - usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double free. (CVE-2022-28388)\n\n - mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free. (CVE-2022-28389)\n\n - ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.\n (CVE-2022-28390)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-04-27T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : kernel (SUSE-SU-2022:1407-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-45868", "CVE-2022-0850", "CVE-2022-0854", "CVE-2022-1011", "CVE-2022-1016", "CVE-2022-1048", "CVE-2022-1055", "CVE-2022-1195", "CVE-2022-1198", "CVE-2022-1199", "CVE-2022-1205", "CVE-2022-27666", "CVE-2022-28388", "CVE-2022-28389", "CVE-2022-28390"], "modified": "2023-07-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:cluster-md-kmp-rt", "p-cpe:/a:novell:suse_linux:dlm-kmp-rt", "p-cpe:/a:novell:suse_linux:gfs2-kmp-rt", "p-cpe:/a:novell:suse_linux:kernel-devel-rt", "p-cpe:/a:novell:suse_linux:kernel-rt", "p-cpe:/a:novell:suse_linux:kernel-rt-devel", "p-cpe:/a:novell:suse_linux:kernel-rt_debug-devel", "p-cpe:/a:novell:suse_linux:kernel-source-rt", "p-cpe:/a:novell:suse_linux:kernel-syms-rt", "p-cpe:/a:novell:suse_linux:ocfs2-kmp-rt", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-1407-1.NASL", "href": "https://www.tenable.com/plugins/nessus/160222", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:1407-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(160222);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/13\");\n\n script_cve_id(\n \"CVE-2021-45868\",\n \"CVE-2022-0850\",\n \"CVE-2022-0854\",\n \"CVE-2022-1011\",\n \"CVE-2022-1016\",\n \"CVE-2022-1048\",\n \"CVE-2022-1055\",\n \"CVE-2022-1195\",\n \"CVE-2022-1198\",\n \"CVE-2022-1199\",\n \"CVE-2022-1205\",\n \"CVE-2022-27666\",\n \"CVE-2022-28388\",\n \"CVE-2022-28389\",\n \"CVE-2022-28390\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:1407-1\");\n\n script_name(english:\"SUSE SLES15 Security Update : kernel (SUSE-SU-2022:1407-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2022:1407-1 advisory.\n\n - In the Linux kernel before 5.15.3, fs/quota/quota_tree.c does not validate the block number in the quota\n tree (on disk). This can, for example, lead to a kernel/locking/rwsem.c use-after-free if there is a\n corrupted quota file. (CVE-2021-45868)\n\n - A vulnerability was found in linux kernel, where an information leak occurs via ext4_extent_header to\n userspace. (CVE-2022-0850)\n\n - A memory leak flaw was found in the Linux kernel's DMA subsystem, in the way a user calls DMA_FROM_DEVICE.\n This flaw allows a local user to read random memory from the kernel space. (CVE-2022-0854)\n\n - A use-after-free flaw was found in the Linux kernel's FUSE filesystem in the way a user triggers write().\n This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in\n privilege escalation. (CVE-2022-1011)\n\n - A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a\n use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel\n information leak problem caused by a local, unprivileged attacker. (CVE-2022-1016)\n\n - A use-after-free flaw was found in the Linux kernel's sound subsystem in the way a user triggers\n concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM\n for other ioctls. This flaw allows a local user to crash or potentially escalate their privileges on the\n system. (CVE-2022-1048)\n\n - A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain\n privilege escalation. The exploit requires unprivileged user namespaces. We recommend upgrading past\n commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5 (CVE-2022-1055)\n\n - A use-after-free vulnerability was found in the Linux kernel in drivers/net/hamradio. This flaw allows a\n local attacker with a user privilege to cause a denial of service (DOS) when the mkiss or sixpack device\n is detached and reclaim resources early. (CVE-2022-1195)\n\n - A use-after-free vulnerabilitity was discovered in drivers/net/hamradio/6pack.c of linux that allows an\n attacker to crash linux kernel by simulating ax25 device using 6pack driver from user space.\n (CVE-2022-1198)\n\n - A flaw was found in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simulating\n amateur radio from the user space, resulting in a null-ptr-deref vulnerability and a use-after-free\n vulnerability. (CVE-2022-1199)\n\n - A NULL pointer dereference flaw was found in the Linux kernel's Amateur Radio AX.25 protocol functionality\n in the way a user connects with the protocol. This flaw allows a local user to crash the system.\n (CVE-2022-1205)\n\n - A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and\n net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap\n objects and may cause a local privilege escalation threat. (CVE-2022-27666)\n\n - usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double\n free. (CVE-2022-28388)\n\n - mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double\n free. (CVE-2022-28389)\n\n - ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.\n (CVE-2022-28390)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1065729\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1156395\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1175667\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1177028\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1178134\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1179639\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1180153\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1189562\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194625\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194649\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1195640\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1195926\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1196018\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1196196\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1196478\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1196761\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1196823\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197227\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197243\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197300\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197302\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197331\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197343\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197366\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197389\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197462\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197501\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197534\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197661\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197675\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197677\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197702\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197811\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197812\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197815\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197817\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197819\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197820\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197888\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197889\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197894\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1198027\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1198028\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1198029\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1198030\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1198031\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1198032\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1198033\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1198077\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-45868\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0850\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0854\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1011\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1016\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1048\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1055\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1195\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1198\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1199\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1205\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-27666\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-28388\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-28389\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-28390\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-April/010837.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d0969113\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-1048\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-28390\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/04/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/04/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:cluster-md-kmp-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dlm-kmp-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gfs2-kmp-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-devel-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-rt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-rt_debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-source-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ocfs2-kmp-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(3)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP3\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'cluster-md-kmp-rt-5.3.18-150300.85.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_RT-release-15.3', 'sle-module-rt-release-15.3']},\n {'reference':'dlm-kmp-rt-5.3.18-150300.85.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_RT-release-15.3', 'sle-module-rt-release-15.3']},\n {'reference':'gfs2-kmp-rt-5.3.18-150300.85.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_RT-release-15.3', 'sle-module-rt-release-15.3']},\n {'reference':'kernel-devel-rt-5.3.18-150300.85.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_RT-release-15.3', 'sle-module-rt-release-15.3']},\n {'reference':'kernel-rt-5.3.18-150300.85.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_RT-release-15.3', 'sle-module-rt-release-15.3']},\n {'reference':'kernel-rt-devel-5.3.18-150300.85.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_RT-release-15.3', 'sle-module-rt-release-15.3']},\n {'reference':'kernel-rt_debug-devel-5.3.18-150300.85.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_RT-release-15.3', 'sle-module-rt-release-15.3']},\n {'reference':'kernel-source-rt-5.3.18-150300.85.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_RT-release-15.3', 'sle-module-rt-release-15.3']},\n {'reference':'kernel-syms-rt-5.3.18-150300.85.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_RT-release-15.3', 'sle-module-rt-release-15.3']},\n {'reference':'ocfs2-kmp-rt-5.3.18-150300.85.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_RT-release-15.3', 'sle-module-rt-release-15.3']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'cluster-md-kmp-rt / dlm-kmp-rt / gfs2-kmp-rt / kernel-devel-rt / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:32:09", "description": "According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) to create issues with confidentiality. (CVE-2022-0494)\n\n - A memory leak flaw was found in the Linux kernel's DMA subsystem, in the way a user calls DMA_FROM_DEVICE.\n This flaw allows a local user to read random memory from the kernel space. (CVE-2022-0854)\n\n - A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. The exploit requires unprivileged user namespaces. We recommend upgrading past commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5 (CVE-2022-1055)\n\n - A use-after-free vulnerability was found in the Linux kernel in drivers/net/hamradio. This flaw allows a local attacker with a user privilege to cause a denial of service (DOS) when the mkiss or sixpack device is detached and reclaim resources early. (CVE-2022-1195)\n\n - A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/drm_lease.c in the Linux kernel due to a race problem. This flaw allows a local user privilege attacker to cause a denial of service (DoS) or a kernel information leak. (CVE-2022-1280)\n\n - A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information. (CVE-2022-1353)\n\n - A NULL pointer dereference flaw was found in the Linux kernel's X.25 set of standardized network protocols functionality in the way a user terminates their session using a simulated Ethernet card and continued usage of this connection. This flaw allows a local user to crash the system. (CVE-2022-1516)\n\n - In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c. (CVE-2022-28356)\n\n - usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double free. (CVE-2022-28388)\n\n - mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free. (CVE-2022-28389)\n\n - ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.\n (CVE-2022-28390)\n\n - The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag. (CVE-2022-30594)\n\n - A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV). (CVE-2022-0171)\n\n - An information leak flaw was found in NFS over RDMA in the net/sunrpc/xprtrdma/rpc_rdma.c function in RPCRDMA_HDRLEN_MIN (7) (in rpcrdma_max_call_header_size, rpcrdma_max_reply_header_size). This flaw allows an attacker with normal user privileges to leak kernel information. (CVE-2022-0812)\n\n - kernel: Small table perturb size in the TCP source port generation algorithm can lead to information leak (CVE-2022-1012)\n\n - No description is available for this CVE. (CVE-2022-1198)\n\n - kernel: Null pointer dereference and use after free in ax25_release() (CVE-2022-1199)\n\n - A use-after-free flaw was found in the Linux kernel's Amateur Radio AX.25 protocol functionality in the way a user connects with the protocol. This flaw allows a local user to crash the system. (CVE-2022-1204)\n\n - A NULL pointer dereference flaw was found in the Linux kernel's Amateur Radio AX.25 protocol functionality in the way a user connects with the protocol. This flaw allows a local user to crash the system.\n (CVE-2022-1205)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-07-14T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.10.0 : kernel (EulerOS-SA-2022-2090)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-0171", "CVE-2022-0494", "CVE-2022-0812", "CVE-2022-0854", "CVE-2022-1012", "CVE-2022-1055", "CVE-2022-1195", "CVE-2022-1198", "CVE-2022-1199", "CVE-2022-1204", "CVE-2022-1205", "CVE-2022-1280", "CVE-2022-1353", "CVE-2022-1516", "CVE-2022-28356", "CVE-2022-28388", "CVE-2022-28389", "CVE-2022-28390", "CVE-2022-30594"], "modified": "2023-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:bpftool", "p-cpe:/a:huawei:euleros:kernel", "p-cpe:/a:huawei:euleros:kernel-abi-whitelists", "p-cpe:/a:huawei:euleros:kernel-devel", "p-cpe:/a:huawei:euleros:kernel-headers", "p-cpe:/a:huawei:euleros:kernel-tools", "p-cpe:/a:huawei:euleros:kernel-tools-libs", "p-cpe:/a:huawei:euleros:kernel-tools-libs-devel", "p-cpe:/a:huawei:euleros:perf", "p-cpe:/a:huawei:euleros:python3-perf", "cpe:/o:huawei:euleros:uvp:2.10.0"], "id": "EULEROS_SA-2022-2090.NASL", "href": "https://www.tenable.com/plugins/nessus/163171", "sourceData": "##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163171);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/06\");\n\n script_cve_id(\n \"CVE-2022-0171\",\n \"CVE-2022-0494\",\n \"CVE-2022-0812\",\n \"CVE-2022-0854\",\n \"CVE-2022-1012\",\n \"CVE-2022-1055\",\n \"CVE-2022-1195\",\n \"CVE-2022-1198\",\n \"CVE-2022-1199\",\n \"CVE-2022-1204\",\n \"CVE-2022-1205\",\n \"CVE-2022-1280\",\n \"CVE-2022-1353\",\n \"CVE-2022-1516\",\n \"CVE-2022-28356\",\n \"CVE-2022-28388\",\n \"CVE-2022-28389\",\n \"CVE-2022-28390\",\n \"CVE-2022-30594\"\n );\n\n script_name(english:\"EulerOS Virtualization 2.10.0 : kernel (EulerOS-SA-2022-2090)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host\nis affected by the following vulnerabilities :\n\n - A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in\n the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or\n CAP_SYS_RAWIO) to create issues with confidentiality. (CVE-2022-0494)\n\n - A memory leak flaw was found in the Linux kernel's DMA subsystem, in the way a user calls DMA_FROM_DEVICE.\n This flaw allows a local user to read random memory from the kernel space. (CVE-2022-0854)\n\n - A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain\n privilege escalation. The exploit requires unprivileged user namespaces. We recommend upgrading past\n commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5 (CVE-2022-1055)\n\n - A use-after-free vulnerability was found in the Linux kernel in drivers/net/hamradio. This flaw allows a\n local attacker with a user privilege to cause a denial of service (DOS) when the mkiss or sixpack device\n is detached and reclaim resources early. (CVE-2022-1195)\n\n - A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/drm_lease.c in the Linux\n kernel due to a race problem. This flaw allows a local user privilege attacker to cause a denial of\n service (DoS) or a kernel information leak. (CVE-2022-1280)\n\n - A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This\n flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a\n leak of internal kernel information. (CVE-2022-1353)\n\n - A NULL pointer dereference flaw was found in the Linux kernel's X.25 set of standardized network protocols\n functionality in the way a user terminates their session using a simulated Ethernet card and continued\n usage of this connection. This flaw allows a local user to crash the system. (CVE-2022-1516)\n\n - In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c. (CVE-2022-28356)\n\n - usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double\n free. (CVE-2022-28388)\n\n - mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double\n free. (CVE-2022-28389)\n\n - ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.\n (CVE-2022-28390)\n\n - The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers\n to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag. (CVE-2022-30594)\n\n - A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root\n (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD\n CPU that supports Secure Encrypted Virtualization (SEV). (CVE-2022-0171)\n\n - An information leak flaw was found in NFS over RDMA in the net/sunrpc/xprtrdma/rpc_rdma.c function in\n RPCRDMA_HDRLEN_MIN (7) (in rpcrdma_max_call_header_size, rpcrdma_max_reply_header_size). This flaw allows\n an attacker with normal user privileges to leak kernel information. (CVE-2022-0812)\n\n - kernel: Small table perturb size in the TCP source port generation algorithm can lead to information leak\n (CVE-2022-1012)\n\n - No description is available for this CVE. (CVE-2022-1198)\n\n - kernel: Null pointer dereference and use after free in ax25_release() (CVE-2022-1199)\n\n - A use-after-free flaw was found in the Linux kernel's Amateur Radio AX.25 protocol functionality in the\n way a user connects with the protocol. This flaw allows a local user to crash the system. (CVE-2022-1204)\n\n - A NULL pointer dereference flaw was found in the Linux kernel's Amateur Radio AX.25 protocol functionality\n in the way a user connects with the protocol. This flaw allows a local user to crash the system.\n (CVE-2022-1205)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-2090\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a9442805\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-0494\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-1012\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.10.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.10.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.10.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"bpftool-4.18.0-147.5.2.10.h913.eulerosv2r10\",\n \"kernel-4.18.0-147.5.2.10.h913.eulerosv2r10\",\n \"kernel-abi-whitelists-4.18.0-147.5.2.10.h913.eulerosv2r10\",\n \"kernel-devel-4.18.0-147.5.2.10.h913.eulerosv2r10\",\n \"kernel-headers-4.18.0-147.5.2.10.h913.eulerosv2r10\",\n \"kernel-tools-4.18.0-147.5.2.10.h913.eulerosv2r10\",\n \"kernel-tools-libs-4.18.0-147.5.2.10.h913.eulerosv2r10\",\n \"kernel-tools-libs-devel-4.18.0-147.5.2.10.h913.eulerosv2r10\",\n \"perf-4.18.0-147.5.2.10.h913.eulerosv2r10\",\n \"python3-perf-4.18.0-147.5.2.10.h913.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-15T16:14:25", "description": "The version of kernel installed on the remote host is prior to 5.10.109-104.500. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2022-013 advisory.\n\n - A use-after-free flaw was found in the Linux kernel's sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM for other ioctls. This flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2022-1048)\n\n - st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters. (CVE-2022-26490)\n\n - A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat. (CVE-2022-27666)\n\n - In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c. (CVE-2022-28356)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-05-02T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : kernel (ALASKERNEL-5.10-2022-013)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1048", "CVE-2022-20368", "CVE-2022-26490", "CVE-2022-27666", "CVE-2022-28356"], "modified": "2023-08-14T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:bpftool", "p-cpe:/a:amazon:linux:bpftool-debuginfo", "p-cpe:/a:amazon:linux:kernel", "p-cpe:/a:amazon:linux:kernel-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:amazon:linux:kernel-devel", "p-cpe:/a:amazon:linux:kernel-headers", "p-cpe:/a:amazon:linux:kernel-livepatch-5.10.109-104.500", "p-cpe:/a:amazon:linux:kernel-tools", "p-cpe:/a:amazon:linux:kernel-tools-debuginfo", "p-cpe:/a:amazon:linux:kernel-tools-devel", "p-cpe:/a:amazon:linux:perf", "p-cpe:/a:amazon:linux:perf-debuginfo", "p-cpe:/a:amazon:linux:python-perf", "p-cpe:/a:amazon:linux:python-perf-debuginfo", "cpe:/o:amazon:linux:2"], "id": "AL2_ALASKERNEL-5_10-2022-013.NASL", "href": "https://www.tenable.com/plugins/nessus/160426", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALASKERNEL-5.10-2022-013.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(160426);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/08/14\");\n\n script_cve_id(\n \"CVE-2022-1048\",\n \"CVE-2022-20368\",\n \"CVE-2022-26490\",\n \"CVE-2022-28356\"\n );\n\n script_name(english:\"Amazon Linux 2 : kernel (ALASKERNEL-5.10-2022-013)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of kernel installed on the remote host is prior to 5.10.109-104.500. It is, therefore, affected by multiple\nvulnerabilities as referenced in the ALAS2KERNEL-5.10-2022-013 advisory.\n\n - A use-after-free flaw was found in the Linux kernel's sound subsystem in the way a user triggers\n concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM\n for other ioctls. This flaw allows a local user to crash or potentially escalate their privileges on the\n system. (CVE-2022-1048)\n\n - st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has\n EVT_TRANSACTION buffer overflows because of untrusted length parameters. (CVE-2022-26490)\n\n - A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and\n net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap\n objects and may cause a local privilege escalation threat. (CVE-2022-27666)\n\n - In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c. (CVE-2022-28356)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2/ALASKERNEL-5.10-2022-013.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-1048.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-20368.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-26490.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-28356.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/faqs.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update kernel' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-1048\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-27666\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/04/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bpftool-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-livepatch-5.10.109-104.500\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"kpatch.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\ninclude(\"hotfixes.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar alas_release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d+|-\\d+)\", string:alas_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (get_one_kb_item(\"Host/kpatch/kernel-cves\"))\n{\n set_hotfix_type(\"kpatch\");\n var cve_list = make_list(\"CVE-2022-1048\", \"CVE-2022-20368\", \"CVE-2022-26490\", \"CVE-2022-28356\");\n if (hotfix_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"kpatch hotfix for ALASKERNEL-5.10-2022-013\");\n }\n else\n {\n __rpm_report = hotfix_reporting_text();\n }\n}\nvar pkgs = [\n {'reference':'bpftool-5.10.109-104.500.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'bpftool-5.10.109-104.500.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'bpftool-debuginfo-5.10.109-104.500.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'bpftool-debuginfo-5.10.109-104.500.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-5.10.109-104.500.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-5.10.109-104.500.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-debuginfo-5.10.109-104.500.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-debuginfo-5.10.109-104.500.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-debuginfo-common-aarch64-5.10.109-104.500.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-debuginfo-common-x86_64-5.10.109-104.500.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-devel-5.10.109-104.500.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-devel-5.10.109-104.500.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-headers-5.10.109-104.500.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-headers-5.10.109-104.500.amzn2', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-headers-5.10.109-104.500.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-livepatch-5.10.109-104.500-1.0-0.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-livepatch-5.10.109-104.500-1.0-0.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-tools-5.10.109-104.500.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-tools-5.10.109-104.500.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-tools-debuginfo-5.10.109-104.500.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-tools-debuginfo-5.10.109-104.500.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-tools-devel-5.10.109-104.500.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-tools-devel-5.10.109-104.500.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'perf-5.10.109-104.500.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'perf-5.10.109-104.500.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'perf-debuginfo-5.10.109-104.500.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'perf-debuginfo-5.10.109-104.500.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'python-perf-5.10.109-104.500.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'python-perf-5.10.109-104.500.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'python-perf-debuginfo-5.10.109-104.500.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'python-perf-debuginfo-5.10.109-104.500.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bpftool / bpftool-debuginfo / kernel / etc\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:43:42", "description": "The version of kernel installed on the remote host is prior to 4.14.275-142.503. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2022-1581 advisory.\n\n - st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters. (CVE-2022-26490)\n\n - A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat. (CVE-2022-27666)\n\n - In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c. (CVE-2022-28356)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-04-19T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : kernel (ALAS-2022-1581)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-26490", "CVE-2022-27666", "CVE-2022-28356"], "modified": "2023-03-23T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:kernel", "p-cpe:/a:amazon:linux:kernel-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:amazon:linux:kernel-devel", "p-cpe:/a:amazon:linux:kernel-headers", "p-cpe:/a:amazon:linux:kernel-tools", "p-cpe:/a:amazon:linux:kernel-tools-debuginfo", "p-cpe:/a:amazon:linux:kernel-tools-devel", "p-cpe:/a:amazon:linux:perf", "p-cpe:/a:amazon:linux:perf-debuginfo", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2022-1581.NASL", "href": "https://www.tenable.com/plugins/nessus/159909", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2022-1581.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(159909);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/23\");\n\n script_cve_id(\"CVE-2022-26490\", \"CVE-2022-27666\", \"CVE-2022-28356\");\n script_xref(name:\"ALAS\", value:\"2022-1581\");\n\n script_name(english:\"Amazon Linux AMI : kernel (ALAS-2022-1581)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux AMI host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of kernel installed on the remote host is prior to 4.14.275-142.503. It is, therefore, affected by multiple\nvulnerabilities as referenced in the ALAS-2022-1581 advisory.\n\n - st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has\n EVT_TRANSACTION buffer overflows because of untrusted length parameters. (CVE-2022-26490)\n\n - A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and\n net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap\n objects and may cause a local privilege escalation threat. (CVE-2022-27666)\n\n - In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c. (CVE-2022-28356)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/ALAS-2022-1581.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-26490.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-27666.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-28356.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update kernel' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-27666\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/04/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/04/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\ninclude(\"hotfixes.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nvar os_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (get_one_kb_item(\"Host/kpatch/kernel-cves\"))\n{\n set_hotfix_type(\"kpatch\");\n var cve_list = make_list(\"CVE-2022-26490\", \"CVE-2022-27666\", \"CVE-2022-28356\");\n if (hotfix_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"kpatch hotfix for ALAS-2022-1581\");\n }\n else\n {\n __rpm_report = hotfix_reporting_text();\n }\n}\nvar pkgs = [\n {'reference':'kernel-4.14.275-142.503.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-4.14.275-142.503.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-4.14.275-142.503.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-4.14.275-142.503.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-common-i686-4.14.275-142.503.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-common-x86_64-4.14.275-142.503.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-4.14.275-142.503.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-4.14.275-142.503.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-4.14.275-142.503.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-4.14.275-142.503.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-4.14.275-142.503.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-4.14.275-142.503.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-debuginfo-4.14.275-142.503.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-debuginfo-4.14.275-142.503.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-devel-4.14.275-142.503.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-devel-4.14.275-142.503.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-4.14.275-142.503.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-4.14.275-142.503.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-debuginfo-4.14.275-142.503.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-debuginfo-4.14.275-142.503.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debuginfo / kernel-debuginfo-common-x86_64 / etc\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:43:42", "description": "The version of kernel installed on the remote host is prior to 4.14.275-207.503. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1774 advisory.\n\n - st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters. (CVE-2022-26490)\n\n - A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat. (CVE-2022-27666)\n\n - In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c. (CVE-2022-28356)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-04-19T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : kernel (ALAS-2022-1774)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-26490", "CVE-2022-27666", "CVE-2022-28356"], "modified": "2023-03-23T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:kernel", "p-cpe:/a:amazon:linux:kernel-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:amazon:linux:kernel-devel", "p-cpe:/a:amazon:linux:kernel-headers", "p-cpe:/a:amazon:linux:kernel-livepatch-4.14.275-207.503", "p-cpe:/a:amazon:linux:kernel-tools", "p-cpe:/a:amazon:linux:kernel-tools-debuginfo", "p-cpe:/a:amazon:linux:kernel-tools-devel", "p-cpe:/a:amazon:linux:perf", "p-cpe:/a:amazon:linux:perf-debuginfo", "p-cpe:/a:amazon:linux:python-perf", "p-cpe:/a:amazon:linux:python-perf-debuginfo", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2022-1774.NASL", "href": "https://www.tenable.com/plugins/nessus/159911", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2022-1774.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(159911);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/23\");\n\n script_cve_id(\"CVE-2022-26490\", \"CVE-2022-27666\", \"CVE-2022-28356\");\n script_xref(name:\"ALAS\", value:\"2022-1774\");\n\n script_name(english:\"Amazon Linux 2 : kernel (ALAS-2022-1774)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of kernel installed on the remote host is prior to 4.14.275-207.503. It is, therefore, affected by multiple\nvulnerabilities as referenced in the ALAS2-2022-1774 advisory.\n\n - st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has\n EVT_TRANSACTION buffer overflows because of untrusted length parameters. (CVE-2022-26490)\n\n - A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and\n net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap\n objects and may cause a local privilege escalation threat. (CVE-2022-27666)\n\n - In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c. (CVE-2022-28356)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2/ALAS-2022-1774.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-26490.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-27666.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-28356.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update kernel' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-27666\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/04/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/04/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-livepatch-4.14.275-207.503\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\ninclude(\"hotfixes.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nvar os_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (get_one_kb_item(\"Host/kpatch/kernel-cves\"))\n{\n set_hotfix_type(\"kpatch\");\n var cve_list = make_list(\"CVE-2022-26490\", \"CVE-2022-27666\", \"CVE-2022-28356\");\n if (hotfix_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"kpatch hotfix for ALAS-2022-1774\");\n }\n else\n {\n __rpm_report = hotfix_reporting_text();\n }\n}\nvar pkgs = [\n {'reference':'kernel-4.14.275-207.503.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-4.14.275-207.503.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-4.14.275-207.503.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-4.14.275-207.503.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-common-aarch64-4.14.275-207.503.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-common-x86_64-4.14.275-207.503.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-4.14.275-207.503.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-4.14.275-207.503.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-4.14.275-207.503.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-4.14.275-207.503.amzn2', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-4.14.275-207.503.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-livepatch-4.14.275-207.503-1.0-0.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-4.14.275-207.503.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-4.14.275-207.503.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-debuginfo-4.14.275-207.503.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-debuginfo-4.14.275-207.503.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-devel-4.14.275-207.503.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-devel-4.14.275-207.503.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-4.14.275-207.503.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-4.14.275-207.503.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-debuginfo-4.14.275-207.503.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-debuginfo-4.14.275-207.503.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-4.14.275-207.503.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-4.14.275-207.503.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-debuginfo-4.14.275-207.503.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-debuginfo-4.14.275-207.503.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debuginfo / kernel-debuginfo-common-x86_64 / etc\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:32:56", "description": "According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) to create issues with confidentiality. (CVE-2022-0494)\n\n - A memory leak flaw was found in the Linux kernel's DMA subsystem, in the way a user calls DMA_FROM_DEVICE.\n This flaw allows a local user to read random memory from the kernel space. (CVE-2022-0854)\n\n - A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. The exploit requires unprivileged user namespaces. We recommend upgrading past commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5 (CVE-2022-1055)\n\n - A use-after-free vulnerability was found in the Linux kernel in drivers/net/hamradio. This flaw allows a local attacker with a user privilege to cause a denial of service (DOS) when the mkiss or sixpack device is detached and reclaim resources early. (CVE-2022-1195)\n\n - A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/drm_lease.c in the Linux kernel due to a race problem. This flaw allows a local user privilege attacker to cause a denial of service (DoS) or a kernel information leak. (CVE-2022-1280)\n\n - A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information. (CVE-2022-1353)\n\n - A NULL pointer dereference flaw was found in the Linux kernel's X.25 set of standardized network protocols functionality in the way a user terminates their session using a simulated Ethernet card and continued usage of this connection. This flaw allows a local user to crash the system. (CVE-2022-1516)\n\n - In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c. (CVE-2022-28356)\n\n - usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double free. (CVE-2022-28388)\n\n - mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free. (CVE-2022-28389)\n\n - ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.\n (CVE-2022-28390)\n\n - The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag. (CVE-2022-30594)\n\n - A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV). (CVE-2022-0171)\n\n - An information leak flaw was found in NFS over RDMA in the net/sunrpc/xprtrdma/rpc_rdma.c function in RPCRDMA_HDRLEN_MIN (7) (in rpcrdma_max_call_header_size, rpcrdma_max_reply_header_size). This flaw allows an attacker with normal user privileges to leak kernel information. (CVE-2022-0812)\n\n - kernel: Small table perturb size in the TCP source port generation algorithm can lead to information leak (CVE-2022-1012)\n\n - No description is available for this CVE. (CVE-2022-1198)\n\n - kernel: Null pointer dereference and use after free in ax25_release() (CVE-2022-1199)\n\n - A use-after-free flaw was found in the Linux kernel's Amateur Radio AX.25 protocol functionality in the way a user connects with the protocol. This flaw allows a local user to crash the system. (CVE-2022-1204)\n\n - A NULL pointer dereference flaw was found in the Linux kernel's Amateur Radio AX.25 protocol functionality in the way a user connects with the protocol. This flaw allows a local user to crash the system.\n (CVE-2022-1205)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-07-29T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP10 : kernel (EulerOS-SA-2022-2134)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-0171", "CVE-2022-0494", "CVE-2022-0812", "CVE-2022-0854", "CVE-2022-1012", "CVE-2022-1055", "CVE-2022-1195", "CVE-2022-1198", "CVE-2022-1199", "CVE-2022-1204", "CVE-2022-1205", "CVE-2022-1280", "CVE-2022-1353", "CVE-2022-1516", "CVE-2022-28356", "CVE-2022-28388", "CVE-2022-28389", "CVE-2022-28390", "CVE-2022-30594"], "modified": "2023-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:bpftool", "p-cpe:/a:huawei:euleros:kernel", "p-cpe:/a:huawei:euleros:kernel-abi-stablelists", "p-cpe:/a:huawei:euleros:kernel-tools", "p-cpe:/a:huawei:euleros:kernel-tools-libs", "p-cpe:/a:huawei:euleros:python3-perf", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-2134.NASL", "href": "https://www.tenable.com/plugins/nessus/163565", "sourceData": "##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163565);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/06\");\n\n script_cve_id(\n \"CVE-2022-0171\",\n \"CVE-2022-0494\",\n \"CVE-2022-0812\",\n \"CVE-2022-0854\",\n \"CVE-2022-1012\",\n \"CVE-2022-1055\",\n \"CVE-2022-1195\",\n \"CVE-2022-1198\",\n \"CVE-2022-1199\",\n \"CVE-2022-1204\",\n \"CVE-2022-1205\",\n \"CVE-2022-1280\",\n \"CVE-2022-1353\",\n \"CVE-2022-1516\",\n \"CVE-2022-28356\",\n \"CVE-2022-28388\",\n \"CVE-2022-28389\",\n \"CVE-2022-28390\",\n \"CVE-2022-30594\"\n );\n\n script_name(english:\"EulerOS 2.0 SP10 : kernel (EulerOS-SA-2022-2134)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in\n the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or\n CAP_SYS_RAWIO) to create issues with confidentiality. (CVE-2022-0494)\n\n - A memory leak flaw was found in the Linux kernel's DMA subsystem, in the way a user calls DMA_FROM_DEVICE.\n This flaw allows a local user to read random memory from the kernel space. (CVE-2022-0854)\n\n - A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain\n privilege escalation. The exploit requires unprivileged user namespaces. We recommend upgrading past\n commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5 (CVE-2022-1055)\n\n - A use-after-free vulnerability was found in the Linux kernel in drivers/net/hamradio. This flaw allows a\n local attacker with a user privilege to cause a denial of service (DOS) when the mkiss or sixpack device\n is detached and reclaim resources early. (CVE-2022-1195)\n\n - A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/drm_lease.c in the Linux\n kernel due to a race problem. This flaw allows a local user privilege attacker to cause a denial of\n service (DoS) or a kernel information leak. (CVE-2022-1280)\n\n - A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This\n flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a\n leak of internal kernel information. (CVE-2022-1353)\n\n - A NULL pointer dereference flaw was found in the Linux kernel's X.25 set of standardized network protocols\n functionality in the way a user terminates their session using a simulated Ethernet card and continued\n usage of this connection. This flaw allows a local user to crash the system. (CVE-2022-1516)\n\n - In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c. (CVE-2022-28356)\n\n - usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double\n free. (CVE-2022-28388)\n\n - mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double\n free. (CVE-2022-28389)\n\n - ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.\n (CVE-2022-28390)\n\n - The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers\n to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag. (CVE-2022-30594)\n\n - A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root\n (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD\n CPU that supports Secure Encrypted Virtualization (SEV). (CVE-2022-0171)\n\n - An information leak flaw was found in NFS over RDMA in the net/sunrpc/xprtrdma/rpc_rdma.c function in\n RPCRDMA_HDRLEN_MIN (7) (in rpcrdma_max_call_header_size, rpcrdma_max_reply_header_size). This flaw allows\n an attacker with normal user privileges to leak kernel information. (CVE-2022-0812)\n\n - kernel: Small table perturb size in the TCP source port generation algorithm can lead to information leak\n (CVE-2022-1012)\n\n - No description is available for this CVE. (CVE-2022-1198)\n\n - kernel: Null pointer dereference and use after free in ax25_release() (CVE-2022-1199)\n\n - A use-after-free flaw was found in the Linux kernel's Amateur Radio AX.25 protocol functionality in the\n way a user connects with the protocol. This flaw allows a local user to crash the system. (CVE-2022-1204)\n\n - A NULL pointer dereference flaw was found in the Linux kernel's Amateur Radio AX.25 protocol functionality\n in the way a user connects with the protocol. This flaw allows a local user to crash the system.\n (CVE-2022-1205)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-2134\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2f8ba0af\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-0494\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-1012\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-abi-stablelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(10)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"bpftool-4.18.0-147.5.2.10.h913.eulerosv2r10\",\n \"kernel-4.18.0-147.5.2.10.h913.eulerosv2r10\",\n \"kernel-abi-stablelists-4.18.0-147.5.2.10.h913.eulerosv2r10\",\n \"kernel-tools-4.18.0-147.5.2.10.h913.eulerosv2r10\",\n \"kernel-tools-libs-4.18.0-147.5.2.10.h913.eulerosv2r10\",\n \"python3-perf-4.18.0-147.5.2.10.h913.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"10\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:33:19", "description": "The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5539-1 advisory.\n\n - A use-after-free vulnerability was found in the Linux kernel in drivers/net/hamradio. This flaw allows a local attacker with a user privilege to cause a denial of service (DOS) when the mkiss or sixpack device is detached and reclaim resources early. (CVE-2022-1195)\n\n - With shadow paging enabled, the INVPCID instruction results in a call to kvm_mmu_invpcid_gva. If INVPCID is executed with CR0.PG=0, the invlpg callback is not set and the result is a NULL pointer dereference.\n (CVE-2022-1789)\n\n - usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double free. (CVE-2022-28388)\n\n - drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function.\n (CVE-2022-33981)\n\n - kernel: Null pointer dereference and use after free in ax25_release() (CVE-2022-1199)\n\n - A use-after-free flaw was found in the Linux kernel's Amateur Radio AX.25 protocol functionality in the way a user connects with the protocol. This flaw allows a local user to crash the system. (CVE-2022-1204)\n\n - A NULL pointer dereference flaw was found in the Linux kernel's Amateur Radio AX.25 protocol functionality in the way a user connects with the protocol. This flaw allows a local user to crash the system.\n (CVE-2022-1205)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-07-29T00:00:00", "type": "nessus", "title": "Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-5539-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1195", "CVE-2022-1199", "CVE-2022-1204", "CVE-2022-1205", "CVE-2022-1789", "CVE-2022-28388", "CVE-2022-33981"], "modified": "2023-03-23T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1042-bluefield", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1078-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1084-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-bluefield", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gke"], "id": "UBUNTU_USN-5539-1.NASL", "href": "https://www.tenable.com/plugins/nessus/163525", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5539-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163525);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/23\");\n\n script_cve_id(\n \"CVE-2022-1195\",\n \"CVE-2022-1199\",\n \"CVE-2022-1204\",\n \"CVE-2022-1205\",\n \"CVE-2022-1789\",\n \"CVE-2022-28388\",\n \"CVE-2022-33981\"\n );\n script_xref(name:\"USN\", value:\"5539-1\");\n\n script_name(english:\"Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-5539-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the USN-5539-1 advisory.\n\n - A use-after-free vulnerability was found in the Linux kernel in drivers/net/hamradio. This flaw allows a\n local attacker with a user privilege to cause a denial of service (DOS) when the mkiss or sixpack device\n is detached and reclaim resources early. (CVE-2022-1195)\n\n - With shadow paging enabled, the INVPCID instruction results in a call to kvm_mmu_invpcid_gva. If INVPCID\n is executed with CR0.PG=0, the invlpg callback is not set and the result is a NULL pointer dereference.\n (CVE-2022-1789)\n\n - usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double\n free. (CVE-2022-28388)\n\n - drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of\n a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function.\n (CVE-2022-33981)\n\n - kernel: Null pointer dereference and use after free in ax25_release() (CVE-2022-1199)\n\n - A use-after-free flaw was found in the Linux kernel's Amateur Radio AX.25 protocol functionality in the\n way a user connects with the protocol. This flaw allows a local user to crash the system. (CVE-2022-1204)\n\n - A NULL pointer dereference flaw was found in the Linux kernel's Amateur Radio AX.25 protocol functionality\n in the way a user connects with the protocol. This flaw allows a local user to crash the system.\n (CVE-2022-1205)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5539-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-1789\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/04/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1042-bluefield\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1078-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1084-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-bluefield\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gcp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gke\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2022-2023 Canonical, Inc. / NASL script (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\ninclude('ksplice.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nvar release = chomp(release);\nif (! preg(pattern:\"^(18\\.04|20\\.04)$\", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 18.04 / 20.04', 'Ubuntu ' + release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar machine_kernel_release = get_kb_item_or_exit('Host/uname-r');\nif (machine_kernel_release)\n{\n if (! preg(pattern:\"^(5.4.0-\\d{4}-(bluefield|gcp|gke))$\", string:machine_kernel_release)) audit(AUDIT_INST_VER_NOT_VULN, 'kernel ' + machine_kernel_release);\n var extra = '';\n var kernel_mappings = {\n \"5.4.0-\\d{4}-bluefield\" : \"5.4.0-1042\",\n \"5.4.0-\\d{4}-gcp\" : \"5.4.0-1084\",\n \"5.4.0-\\d{4}-gke\" : \"5.4.0-1078\"\n };\n var trimmed_kernel_release = ereg_replace(string:machine_kernel_release, pattern:\"(-\\D+)$\", replace:'');\n foreach var kernel_regex (keys(kernel_mappings)) {\n if (preg(pattern:kernel_regex, string:machine_kernel_release)) {\n if (deb_ver_cmp(ver1:trimmed_kernel_release, ver2:kernel_mappings[kernel_regex]) < 0)\n {\n extra = extra + 'Running Kernel level of ' + trimmed_kernel_release + ' does not meet the minimum fixed level of ' + kernel_mappings[kernel_regex] + ' for this advisory.\\n\\n';\n }\n else\n {\n audit(AUDIT_PATCH_INSTALLED, 'Kernel package for USN-5539-1');\n }\n }\n }\n}\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n var cve_list = make_list('CVE-2022-1195', 'CVE-2022-1199', 'CVE-2022-1204', 'CVE-2022-1205', 'CVE-2022-1789', 'CVE-2022-28388', 'CVE-2022-33981');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for USN-5539-1');\n }\n else\n {\n extra = extra + ksplice_reporting_text();\n }\n}\nif (extra) {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:45:08", "description": "The version of kernel-generic installed on the remote host is prior to 5.15.38 / 5.15.38_smp. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2022-129-01 advisory.\n\n - Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. (CVE-2022-0001)\n\n - Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. (CVE-2022-0002)\n\n - A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) to create issues with confidentiality. (CVE-2022-0494)\n\n - A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leading to a possible out-of-bounds memory write in the Linux kernel's BPF subsystem due to the way a user loads BTF. This flaw allows a local user to crash or escalate their privileges on the system. (CVE-2022-0500)\n\n - Memory leak in icmp6 implementation in Linux Kernel 5.13+ allows a remote attacker to DoS a host by making it go out-of-memory via icmp6 packets of type 130 or 131. We recommend upgrading past commit 2d3916f3189172d5c69d33065c3c21119fe539fc. (CVE-2022-0742)\n\n - A memory leak flaw was found in the Linux kernel's DMA subsystem, in the way a user calls DMA_FROM_DEVICE.\n This flaw allows a local user to read random memory from the kernel space. (CVE-2022-0854)\n\n - An out-of-bounds (OOB) memory write flaw was found in the Linux kernel's watch_queue event notification subsystem. This flaw can overwrite parts of the kernel state, potentially allowing a local user to gain privileged access or cause a denial of service on the system. (CVE-2022-0995)\n\n - A use-after-free flaw was found in the Linux kernel's FUSE filesystem in the way a user triggers write().\n This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation. (CVE-2022-1011)\n\n - A flaw was found in the Linux kernel in linux/net/netfilter/nf_tables_api.c of the netfilter subsystem.\n This flaw allows a local user to cause an out-of-bounds write issue. (CVE-2022-1015)\n\n - A use-after-free flaw was found in the Linux kernel's sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM for other ioctls. This flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2022-1048)\n\n - A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information. (CVE-2022-1353)\n\n - A NULL pointer dereference flaw was found in the Linux kernel's X.25 set of standardized network protocols functionality in the way a user terminates their session using a simulated Ethernet card and continued usage of this connection. This flaw allows a local user to crash the system. (CVE-2022-1516)\n\n - Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished.\n The xenbus driver has a similar problem, as it doesn't check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042 (CVE-2022-23036, CVE-2022-23037, CVE-2022-23038, CVE-2022-23039, CVE-2022-23040, CVE-2022-23041, CVE-2022-23042)\n\n - kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to gain privileges because of the availability of pointer arithmetic via certain *_OR_NULL pointer types. (CVE-2022-23222)\n\n - Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer (BHB) to influence mispredicted branches. Then, cache allocation can allow the attacker to obtain sensitive information. (CVE-2022-23960)\n\n - drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev->buf release.\n (CVE-2022-24958)\n\n - st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters. (CVE-2022-26490)\n\n - A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat. (CVE-2022-27666)\n\n - In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c. (CVE-2022-28356)\n\n - usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double free. (CVE-2022-28388)\n\n - mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free. (CVE-2022-28389)\n\n - ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.\n (CVE-2022-28390)\n\n - In the Linux kernel before 5.17.3, fs/io_uring.c has a use-after-free due to a race condition in io_uring timeouts. This can be triggered by a local user who has no access to any user namespace; however, the race condition perhaps can only be exploited infrequently. (CVE-2022-29582)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-05-10T00:00:00", "type": "nessus", "title": "Slackware Linux 15.0 kernel-generic Multiple Vulnerabilities (SSA:2022-129-01)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-0001", "CVE-2022-0002", "CVE-2022-0168", "CVE-2022-0494", "CVE-2022-0500", "CVE-2022-0742", "CVE-2022-0854", "CVE-2022-0995", "CVE-2022-1011", "CVE-2022-1015", "CVE-2022-1016", "CVE-2022-1048", "CVE-2022-1158", "CVE-2022-1198", "CVE-2022-1199", "CVE-2022-1204", "CVE-2022-1205", "CVE-2022-1263", "CVE-2022-1353", "CVE-2022-1516", "CVE-2022-23036", "CVE-2022-23037", "CVE-2022-23038", "CVE-2022-23039", "CVE-2022-23040", "CVE-2022-23041", "CVE-2022-23042", "CVE-2022-23222", "CVE-2022-23960", "CVE-2022-24958", "CVE-2022-26490", "CVE-2022-27666", "CVE-2022-28356", "CVE-2022-28388", "CVE-2022-28389", "CVE-2022-28390", "CVE-2022-29582"], "modified": "2023-01-13T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:kernel-generic", "p-cpe:/a:slackware:slackware_linux:kernel-generic-smp", "p-cpe:/a:slackware:slackware_linux:kernel-headers", "p-cpe:/a:slackware:slackware_linux:kernel-huge", "p-cpe:/a:slackware:slackware_linux:kernel-huge-smp", "p-cpe:/a:slackware:slackware_linux:kernel-modules", "p-cpe:/a:slackware:slackware_linux:kernel-modules-smp", "p-cpe:/a:slackware:slackware_linux:kernel-source", "cpe:/o:slackware:slackware_linux:15.0"], "id": "SLACKWARE_SSA_2022-129-01.NASL", "href": "https://www.tenable.com/plugins/nessus/160874", "sourceData": "##\n# (C) Tenable, Inc.\n##\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Slackware Security Advisory SSA:2022-129-01. The text\n# itself is copyright (C) Slackware Linux, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(160874);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/13\");\n\n script_cve_id(\n \"CVE-2022-0001\",\n \"CVE-2022-0002\",\n \"CVE-2022-0168\",\n \"CVE-2022-0494\",\n \"CVE-2022-0500\",\n \"CVE-2022-0742\",\n \"CVE-2022-0854\",\n \"CVE-2022-0995\",\n \"CVE-2022-1011\",\n \"CVE-2022-1015\",\n \"CVE-2022-1016\",\n \"CVE-2022-1048\",\n \"CVE-2022-1158\",\n \"CVE-2022-1198\",\n \"CVE-2022-1199\",\n \"CVE-2022-1204\",\n \"CVE-2022-1205\",\n \"CVE-2022-1263\",\n \"CVE-2022-1353\",\n \"CVE-2022-1516\",\n \"CVE-2022-23036\",\n \"CVE-2022-23037\",\n \"CVE-2022-23038\",\n \"CVE-2022-23039\",\n \"CVE-2022-23040\",\n \"CVE-2022-23041\",\n \"CVE-2022-23042\",\n \"CVE-2022-23222\",\n \"CVE-2022-23960\",\n \"CVE-2022-24958\",\n \"CVE-2022-26490\",\n \"CVE-2022-27666\",\n \"CVE-2022-28356\",\n \"CVE-2022-28388\",\n \"CVE-2022-28389\",\n \"CVE-2022-28390\",\n \"CVE-2022-29582\"\n );\n\n script_name(english:\"Slackware Linux 15.0 kernel-generic Multiple Vulnerabilities (SSA:2022-129-01)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Slackware Linux host is missing a security update to kernel-generic.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of kernel-generic installed on the remote host is prior to 5.15.38 / 5.15.38_smp. It is, therefore, affected\nby multiple vulnerabilities as referenced in the SSA:2022-129-01 advisory.\n\n - Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may\n allow an authorized user to potentially enable information disclosure via local access. (CVE-2022-0001)\n\n - Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an\n authorized user to potentially enable information disclosure via local access. (CVE-2022-0002)\n\n - A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in\n the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or\n CAP_SYS_RAWIO) to create issues with confidentiality. (CVE-2022-0494)\n\n - A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leading to a possible out-of-bounds\n memory write in the Linux kernel's BPF subsystem due to the way a user loads BTF. This flaw allows a local\n user to crash or escalate their privileges on the system. (CVE-2022-0500)\n\n - Memory leak in icmp6 implementation in Linux Kernel 5.13+ allows a remote attacker to DoS a host by making\n it go out-of-memory via icmp6 packets of type 130 or 131. We recommend upgrading past commit\n 2d3916f3189172d5c69d33065c3c21119fe539fc. (CVE-2022-0742)\n\n - A memory leak flaw was found in the Linux kernel's DMA subsystem, in the way a user calls DMA_FROM_DEVICE.\n This flaw allows a local user to read random memory from the kernel space. (CVE-2022-0854)\n\n - An out-of-bounds (OOB) memory write flaw was found in the Linux kernel's watch_queue event notification\n subsystem. This flaw can overwrite parts of the kernel state, potentially allowing a local user to gain\n privileged access or cause a denial of service on the system. (CVE-2022-0995)\n\n - A use-after-free flaw was found in the Linux kernel's FUSE filesystem in the way a user triggers write().\n This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in\n privilege escalation. (CVE-2022-1011)\n\n - A flaw was found in the Linux kernel in linux/net/netfilter/nf_tables_api.c of the netfilter subsystem.\n This flaw allows a local user to cause an out-of-bounds write issue. (CVE-2022-1015)\n\n - A use-after-free flaw was found in the Linux kernel's sound subsystem in the way a user triggers\n concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM\n for other ioctls. This flaw allows a local user to crash or potentially escalate their privileges on the\n system. (CVE-2022-1048)\n\n - A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This\n flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a\n leak of internal kernel information. (CVE-2022-1353)\n\n - A NULL pointer dereference flaw was found in the Linux kernel's X.25 set of standardized network protocols\n functionality in the way a user terminates their session using a simulated Ethernet card and continued\n usage of this connection. This flaw allows a local user to crash the system. (CVE-2022-1516)\n\n - Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to\n multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV\n device frontends are using the grant table interfaces for removing access rights of the backends in ways\n being subject to race conditions, resulting in potential data leaks, data corruption by malicious\n backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the\n gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they\n assume that a following removal of the granted access will always succeed, which is not true in case the\n backend has mapped the granted page between those two operations. As a result the backend can keep access\n to the memory page of the guest no matter how the page will be used after the frontend I/O has finished.\n The xenbus driver has a similar problem, as it doesn't check the success of removing the granted access of\n a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038\n gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus,\n 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no\n longer in use, but the freeing of the related data page is not synchronized with dropping the granted\n access. As a result the backend can keep access to the memory page even after it has been freed and then\n re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to\n revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which\n can be triggered by the backend. CVE-2022-23042 (CVE-2022-23036, CVE-2022-23037, CVE-2022-23038,\n CVE-2022-23039, CVE-2022-23040, CVE-2022-23041, CVE-2022-23042)\n\n - kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to gain privileges because of\n the availability of pointer arithmetic via certain *_OR_NULL pointer types. (CVE-2022-23222)\n\n - Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation,\n aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer (BHB) to\n influence mispredicted branches. Then, cache allocation can allow the attacker to obtain sensitive\n information. (CVE-2022-23960)\n\n - drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev->buf release.\n (CVE-2022-24958)\n\n - st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has\n EVT_TRANSACTION buffer overflows because of untrusted length parameters. (CVE-2022-26490)\n\n - A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and\n net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap\n objects and may cause a local privilege escalation threat. (CVE-2022-27666)\n\n - In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c. (CVE-2022-28356)\n\n - usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double\n free. (CVE-2022-28388)\n\n - mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double\n free. (CVE-2022-28389)\n\n - ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.\n (CVE-2022-28390)\n\n - In the Linux kernel before 5.17.3, fs/io_uring.c has a use-after-free due to a race condition in io_uring\n timeouts. This can be triggered by a local user who has no access to any user namespace; however, the race\n condition perhaps can only be exploited infrequently. (CVE-2022-29582)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the affected kernel-generic package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-23222\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-28390\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Watch Queue Out of Bounds Write');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/01/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-generic-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-huge\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-huge-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-modules-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:15.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Slackware Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\ninclude(\"slackware.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\nvar flag = 0;\nvar constraints = [\n { 'fixed_version' : '5.15.38', 'product' : 'kernel-generic', 'os_name' : 'Slackware Linux', 'os_version' : '15.0', 'service_pack' : '1', 'arch' : 'i586' },\n { 'fixed_version' : '5.15.38', 'product' : 'kernel-huge', 'os_name' : 'Slackware Linux', 'os_version' : '15.0', 'service_pack' : '1', 'arch' : 'i586' },\n { 'fixed_version' : '5.15.38', 'product' : 'kernel-modules', 'os_name' : 'Slackware Linux', 'os_version' : '15.0', 'service_pack' : '1', 'arch' : 'i586' },\n { 'fixed_version' : '5.15.38_smp', 'product' : 'kernel-generic-smp', 'os_name' : 'Slackware Linux', 'os_version' : '15.0', 'service_pack' : '1', 'arch' : 'i686' },\n { 'fixed_version' : '5.15.38_smp', 'product' : 'kernel-huge-smp', 'os_name' : 'Slackware Linux', 'os_version' : '15.0', 'service_pack' : '1', 'arch' : 'i686' },\n { 'fixed_version' : '5.15.38_smp', 'product' : 'kernel-modules-smp', 'os_name' : 'Slackware Linux', 'os_version' : '15.0', 'service_pack' : '1', 'arch' : 'i686' },\n { 'fixed_version' : '5.15.38', 'product' : 'kernel-source', 'os_name' : 'Slackware Linux', 'os_version' : '15.0', 'service_pack' : '1', 'arch' : 'noarch' },\n { 'fixed_version' : '5.15.38_smp', 'product' : 'kernel-source', 'os_name' : 'Slackware Linux', 'os_version' : '15.0', 'service_pack' : '1', 'arch' : 'noarch' },\n { 'fixed_version' : '5.15.38', 'product' : 'kernel-headers', 'os_name' : 'Slackware Linux', 'os_version' : '15.0', 'service_pack' : '1', 'arch' : 'x86' },\n { 'fixed_version' : '5.15.38_smp', 'product' : 'kernel-headers', 'os_name' : 'Slackware Linux', 'os_version' : '15.0', 'service_pack' : '1', 'arch' : 'x86' },\n { 'fixed_version' : '5.15.38', 'product' : 'kernel-generic', 'os_name' : 'Slackware Linux', 'os_version' : '15.0', 'service_pack' : '1', 'arch' : 'x86_64' },\n { 'fixed_version' : '5.15.38', 'product' : 'kernel-huge', 'os_name' : 'Slackware Linux', 'os_version' : '15.0', 'service_pack' : '1', 'arch' : 'x86_64' },\n { 'fixed_version' : '5.15.38', 'product' : 'kernel-modules', 'os_name' : 'Slackware Linux', 'os_version' : '15.0', 'service_pack' : '1', 'arch' : 'x86_64' }\n];\n\nforeach constraint (constraints) {\n var pkg_arch = constraint['arch'];\n var arch = NULL;\n if (pkg_arch == \"x86_64\") {\n arch = pkg_arch;\n }\n if (slackware_check(osver:constraint['os_version'],\n arch:arch,\n pkgname:constraint['product'],\n pkgver:constraint['fixed_version'],\n pkgarch:pkg_arch,\n pkgnum:constraint['service_pack'])) flag++;\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : slackware_report_get()\n );\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-24T16:40:54", "description": "The version of kernel installed on the remote host is prior to 4.14.276-211.499. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1793 advisory.\n\n - A use-after-free flaw was found in the Linux kernel's FUSE filesystem in the way a user triggers write().\n This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation. (CVE-2022-1011)\n\n - A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information. (CVE-2022-1353)\n\n - A NULL pointer dereference flaw was found in the Linux kernel's X.25 set of standardized network protocols functionality in the way a user terminates their session using a simulated Ethernet card and continued usage of this connection. This flaw allows a local user to crash the system. (CVE-2022-1516)\n\n - mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free. (CVE-2022-28389)\n\n - ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.\n (CVE-2022-28390)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-05-05T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : kernel (ALAS-2022-1793)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1011", "CVE-2022-1353", "CVE-2022-1516", "CVE-2022-28389", "CVE-2022-28390", "CVE-2023-1637"], "modified": "2023-08-23T00:00:00", "cpe": ["cpe:/o:amazon:linux:2", "p-cpe:/a:amazon:linux:kernel", "p-cpe:/a:amazon:linux:kernel-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:amazon:linux:kernel-devel", "p-cpe:/a:amazon:linux:kernel-headers", "p-cpe:/a:amazon:linux:kernel-tools", "p-cpe:/a:amazon:linux:kernel-tools-debuginfo", "p-cpe:/a:amazon:linux:kernel-tools-devel", "p-cpe:/a:amazon:linux:perf", "p-cpe:/a:amazon:linux:perf-debuginfo", "p-cpe:/a:amazon:linux:python-perf", "p-cpe:/a:amazon:linux:python-perf-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64", "p-cpe:/a:amazon:linux:kernel-livepatch-4.14.276-211.499"], "id": "AL2_ALAS-2022-1793.NASL", "href": "https://www.tenable.com/plugins/nessus/160578", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2022-1793.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(160578);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/08/23\");\n\n script_cve_id(\n \"CVE-2022-1011\",\n \"CVE-2022-1353\",\n \"CVE-2022-1516\",\n \"CVE-2022-28389\",\n \"CVE-2022-28390\",\n \"CVE-2023-1637\"\n );\n\n script_name(english:\"Amazon Linux 2 : kernel (ALAS-2022-1793)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of kernel installed on the remote host is prior to 4.14.276-211.499. It is, therefore, affected by multiple\nvulnerabilities as referenced in the ALAS2-2022-1793 advisory.\n\n - A use-after-free flaw was found in the Linux kernel's FUSE filesystem in the way a user triggers write().\n This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in\n privilege escalation. (CVE-2022-1011)\n\n - A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This\n flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a\n leak of internal kernel information. (CVE-2022-1353)\n\n - A NULL pointer dereference flaw was found in the Linux kernel's X.25 set of standardized network protocols\n functionality in the way a user terminates their session using a simulated Ethernet card and continued\n usage of this connection. This flaw allows a local user to crash the system. (CVE-2022-1516)\n\n - mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double\n free. (CVE-2022-28389)\n\n - ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.\n (CVE-2022-28390)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2/ALAS-2022-1793.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-1011.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-1353.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-1516.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-28389.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-28390.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2023-1637.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/faqs.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update kernel' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-28390\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-livepatch-4.14.276-211.499\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"kpatch.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\ninclude(\"hotfixes.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar alas_release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d+|-\\d+)\", string:alas_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (get_one_kb_item(\"Host/kpatch/kernel-cves\"))\n{\n set_hotfix_type(\"kpatch\");\n var cve_list = make_list(\"CVE-2022-1011\", \"CVE-2022-1353\", \"CVE-2022-1516\", \"CVE-2022-28389\", \"CVE-2022-28390\", \"CVE-2023-1637\");\n if (hotfix_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"kpatch hotfix for ALAS-2022-1793\");\n }\n else\n {\n __rpm_report = hotfix_reporting_text();\n }\n}\nvar pkgs = [\n {'reference':'kernel-4.14.276-211.499.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-4.14.276-211.499.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-4.14.276-211.499.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-4.14.276-211.499.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-common-aarch64-4.14.276-211.499.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debuginfo-common-x86_64-4.14.276-211.499.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-4.14.276-211.499.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-4.14.276-211.499.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-4.14.276-211.499.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-4.14.276-211.499.amzn2', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-4.14.276-211.499.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-livepatch-4.14.276-211.499-1.0-0.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-4.14.276-211.499.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-4.14.276-211.499.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-debuginfo-4.14.276-211.499.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-debuginfo-4.14.276-211.499.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-devel-4.14.276-211.499.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-devel-4.14.276-211.499.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-4.14.276-211.499.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-4.14.276-211.499.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-debuginfo-4.14.276-211.499.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-debuginfo-4.14.276-211.499.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-4.14.276-211.499.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-4.14.276-211.499.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-debuginfo-4.14.276-211.499.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-debuginfo-4.14.276-211.499.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debuginfo / kernel-debuginfo-common-x86_64 / etc\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-09T15:23:53", "description": "The version of kernel installed on the remote host is prior to 5.4.188-104.359. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2022-025 advisory.\n\n - st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters. (CVE-2022-26490)\n\n - A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat. (CVE-2022-27666)\n\n - In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c. (CVE-2022-28356)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-05-02T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : kernel (ALASKERNEL-5.4-2022-025)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-20368", "CVE-2022-26490", "CVE-2022-27666", "CVE-2022-28356"], "modified": "2023-09-05T00:00:00", "cpe": ["cpe:/o:amazon:linux:2", "p-cpe:/a:amazon:linux:kernel", "p-cpe:/a:amazon:linux:kernel-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:amazon:linux:kernel-devel", "p-cpe:/a:amazon:linux:kernel-headers", "p-cpe:/a:amazon:linux:kernel-tools", "p-cpe:/a:amazon:linux:kernel-tools-debuginfo", "p-cpe:/a:amazon:linux:kernel-tools-devel", "p-cpe:/a:amazon:linux:perf", "p-cpe:/a:amazon:linux:perf-debuginfo", "p-cpe:/a:amazon:linux:python-perf", "p-cpe:/a:amazon:linux:python-perf-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64", "p-cpe:/a:amazon:linux:bpftool", "p-cpe:/a:amazon:linux:bpftool-debuginfo"], "id": "AL2_ALASKERNEL-5_4-2022-025.NASL", "href": "https://www.tenable.com/plugins/nessus/160457", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALASKERNEL-5.4-2022-025.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(160457);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/09/05\");\n\n script_cve_id(\n \"CVE-2022-20368\",\n \"CVE-2022-26490\",\n \"CVE-2022-27666\",\n \"CVE-2022-28356\"\n );\n\n script_name(english:\"Amazon Linux 2 : kernel (ALASKERNEL-5.4-2022-025)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of kernel installed on the remote host is prior to 5.4.188-104.359. It is, therefore, affected by multiple\nvulnerabilities as referenced in the ALAS2KERNEL-5.4-2022-025 advisory.\n\n - st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has\n EVT_TRANSACTION buffer overflows because of untrusted length parameters. (CVE-2022-26490)\n\n - A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and\n net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap\n objects and may cause a local privilege escalation threat. (CVE-2022-27666)\n\n - In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c. (CVE-2022-28356)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2/ALASKERNEL-5.4-2022-025.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-20368.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-26490.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-27666.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-28356.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update kernel' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-27666\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/04/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bpftool-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"kpatch.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\ninclude(\"hotfixes.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar alas_release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d+|-\\d+)\", string:alas_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (get_one_kb_item(\"Host/kpatch/kernel-cves\"))\n{\n set_hotfix_type(\"kpatch\");\n var cve_list = make_list(\"CVE-2022-20368\", \"CVE-2022-26490\", \"CVE-2022-27666\", \"CVE-2022-28356\");\n if (hotfix_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"kpatch hotfix for ALASKERNEL-5.4-2022-025\");\n }\n else\n {\n __rpm_report = hotfix_reporting_text();\n }\n}\nvar pkgs = [\n {'reference':'bpftool-5.4.188-104.359.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'bpftool-5.4.188-104.359.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'bpftool-debuginfo-5.4.188-104.359.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'bpftool-debuginfo-5.4.188-104.359.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-5.4.188-104.359.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-5.4.188-104.359.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-debuginfo-5.4.188-104.359.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-debuginfo-5.4.188-104.359.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-debuginfo-common-aarch64-5.4.188-104.359.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-debuginfo-common-x86_64-5.4.188-104.359.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-devel-5.4.188-104.359.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-devel-5.4.188-104.359.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-headers-5.4.188-104.359.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-headers-5.4.188-104.359.amzn2', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-headers-5.4.188-104.359.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-tools-5.4.188-104.359.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-tools-5.4.188-104.359.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-tools-debuginfo-5.4.188-104.359.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-tools-debuginfo-5.4.188-104.359.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-tools-devel-5.4.188-104.359.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'kernel-tools-devel-5.4.188-104.359.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'perf-5.4.188-104.359.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'perf-5.4.188-104.359.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'perf-debuginfo-5.4.188-104.359.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'perf-debuginfo-5.4.188-104.359.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'python-perf-5.4.188-104.359.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'python-perf-5.4.188-104.359.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'python-perf-debuginfo-5.4.188-104.359.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'},\n {'reference':'python-perf-debuginfo-5.4.188-104.359.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.4'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bpftool / bpftool-debuginfo / kernel / etc\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:31:35", "description": "According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - In aio_poll_complete_work of aio.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-185125206References: Upstream kernel (CVE-2021-39698)\n\n - Product: AndroidVersions: Android kernelAndroid ID: A-173788806References: Upstream kernel (CVE-2021-39713)\n\n - Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. (CVE-2022-0001)\n\n - Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. (CVE-2022-0002)\n\n - A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) to create issues with confidentiality. (CVE-2022-0494)\n\n - A memory leak flaw was found in the Linux kernel's DMA subsystem, in the way a user calls DMA_FROM_DEVICE.\n This flaw allows a local user to read random memory from the kernel space. (CVE-2022-0854)\n\n - A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/drm_lease.c in the Linux kernel due to a race problem. This flaw allows a local user privilege attacker to cause a denial of service (DoS) or a kernel information leak. (CVE-2022-1280)\n\n - A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information. (CVE-2022-1353)\n\n - A NULL pointer dereference flaw was found in the Linux kernel's X.25 set of standardized network protocols functionality in the way a user terminates their session using a simulated Ethernet card and continued usage of this connection. This flaw allows a local user to crash the system. (CVE-2022-1516)\n\n - In mmc_blk_read_single of block.c, there is a possible way to read kernel heap memory due to uninitialized data. This could lead to local information disclosure if reading from an SD card that triggers errors, with no additional execution privileges needed. User interaction is not needed for exploitation.Product:\n AndroidVersions: Android kernelAndroid ID: A-216481035References: Upstream kernel (CVE-2022-20008)\n\n - Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer (BHB) to influence mispredicted branches. Then, cache allocation can allow the attacker to obtain sensitive information. (CVE-2022-23960)\n\n - usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double free. (CVE-2022-28388)\n\n - mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free. (CVE-2022-28389)\n\n - ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.\n (CVE-2022-28390)\n\n - In the Linux kernel before 5.17.3, fs/io_uring.c has a use-after-free due to a race condition in io_uring timeouts. This can be triggered by a local user who has no access to any user namespace; however, the race condition perhaps can only be exploited infrequently. (CVE-2022-29582)\n\n - No description is available for this CVE. (CVE-2022-1198)\n\n - kernel: Null pointer dereference and use after free in ax25_release() (CVE-2022-1199)\n\n - A NULL pointer dereference flaw was found in the Linux kernel's Amateur Radio AX.25 protocol functionality in the way a user connects with the protocol. This flaw allows a local user to crash the system.\n (CVE-2022-1205)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-07-14T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.10.1 : kernel (EulerOS-SA-2022-2110)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-39698", "CVE-2021-39713", "CVE-2022-0001", "CVE-2022-0002", "CVE-2022-0494", "CVE-2022-0854", "CVE-2022-1198", "CVE-2022-1199", "CVE-2022-1205", "CVE-2022-1280", "CVE-2022-1353", "CVE-2022-1516", "CVE-2022-20008", "CVE-2022-23960", "CVE-2022-28388", "CVE-2022-28389", "CVE-2022-28390", "CVE-2022-29582"], "modified": "2022-10-19T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:bpftool", "p-cpe:/a:huawei:euleros:kernel", "p-cpe:/a:huawei:euleros:kernel-abi-stablelists", "p-cpe:/a:huawei:euleros:kernel-devel", "p-cpe:/a:huawei:euleros:kernel-headers", "p-cpe:/a:huawei:euleros:kernel-tools", "p-cpe:/a:huawei:euleros:kernel-tools-libs", "p-cpe:/a:huawei:euleros:kernel-tools-libs-devel", "p-cpe:/a:huawei:euleros:perf", "p-cpe:/a:huawei:euleros:python3-perf", "cpe:/o:huawei:euleros:uvp:2.10.1"], "id": "EULEROS_SA-2022-2110.NASL", "href": "https://www.tenable.com/plugins/nessus/163167", "sourceData": "##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163167);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/10/19\");\n\n script_cve_id(\n \"CVE-2021-39698\",\n \"CVE-2021-39713\",\n \"CVE-2022-0001\",\n \"CVE-2022-0002\",\n \"CVE-2022-0494\",\n \"CVE-2022-0854\",\n \"CVE-2022-1198\",\n \"CVE-2022-1199\",\n \"CVE-2022-1205\",\n \"CVE-2022-1280\",\n \"CVE-2022-1353\",\n \"CVE-2022-1516\",\n \"CVE-2022-20008\",\n \"CVE-2022-23960\",\n \"CVE-2022-28388\",\n \"CVE-2022-28389\",\n \"CVE-2022-28390\",\n \"CVE-2022-29582\"\n );\n\n script_name(english:\"EulerOS Virtualization 2.10.1 : kernel (EulerOS-SA-2022-2110)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host\nis affected by the following vulnerabilities :\n\n - In aio_poll_complete_work of aio.c, there is a possible memory corruption due to a use after free. This\n could lead to local escalation of privilege with no additional execution privileges needed. User\n interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-185125206References: Upstream kernel (CVE-2021-39698)\n\n - Product: AndroidVersions: Android kernelAndroid ID: A-173788806References: Upstream kernel\n (CVE-2021-39713)\n\n - Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may\n allow an authorized user to potentially enable information disclosure via local access. (CVE-2022-0001)\n\n - Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an\n authorized user to potentially enable information disclosure via local access. (CVE-2022-0002)\n\n - A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in\n the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or\n CAP_SYS_RAWIO) to create issues with confidentiality. (CVE-2022-0494)\n\n - A memory leak flaw was found in the Linux kernel's DMA subsystem, in the way a user calls DMA_FROM_DEVICE.\n This flaw allows a local user to read random memory from the kernel space. (CVE-2022-0854)\n\n - A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/drm_lease.c in the Linux\n kernel due to a race problem. This flaw allows a local user privilege attacker to cause a denial of\n service (DoS) or a kernel information leak. (CVE-2022-1280)\n\n - A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This\n flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a\n leak of internal kernel information. (CVE-2022-1353)\n\n - A NULL pointer dereference flaw was found in the Linux kernel's X.25 set of standardized network protocols\n functionality in the way a user terminates their session using a simulated Ethernet card and continued\n usage of this connection. This flaw allows a local user to crash the system. (CVE-2022-1516)\n\n - In mmc_blk_read_single of block.c, there is a possible way to read kernel heap memory due to uninitialized\n data. This could lead to local information disclosure if reading from an SD card that triggers errors,\n with no additional execution privileges needed. User interaction is not needed for exploitation.Product:\n AndroidVersions: Android kernelAndroid ID: A-216481035References: Upstream kernel (CVE-2022-20008)\n\n - Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation,\n aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer (BHB) to\n influence mispredicted branches. Then, cache allocation can allow the attacker to obtain sensitive\n information. (CVE-2022-23960)\n\n - usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double\n free. (CVE-2022-28388)\n\n - mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double\n free. (CVE-2022-28389)\n\n - ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.\n (CVE-2022-28390)\n\n - In the Linux kernel before 5.17.3, fs/io_uring.c has a use-after-free due to a race condition in io_uring\n timeouts. This can be triggered by a local user who has no access to any user namespace; however, the race\n condition perhaps can only be exploited infrequently. (CVE-2022-29582)\n\n - No description is available for this CVE. (CVE-2022-1198)\n\n - kernel: Null pointer dereference and use after free in ax25_release() (CVE-2022-1199)\n\n - A NULL pointer dereference flaw was found in the Linux kernel's Amateur Radio AX.25 protocol functionality\n in the way a user connects with the protocol. This flaw allows a local user to crash the system.\n (CVE-2022-1205)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-2110\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8e405f1e\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-39698\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-28390\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-abi-stablelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.10.1\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.10.1\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.10.1\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"bpftool-4.19.90-vhulk2204.1.0.h1121.eulerosv2r10\",\n \"kernel-4.19.90-vhulk2204.1.0.h1121.eulerosv2r10\",\n \"kernel-abi-stablelists-4.19.90-vhulk2204.1.0.h1121.eulerosv2r10\",\n \"kernel-devel-4.19.90-vhulk2204.1.0.h1121.eulerosv2r10\",\n \"kernel-headers-4.19.90-vhulk2204.1.0.h1121.eulerosv2r10\",\n \"kernel-tools-4.19.90-vhulk2204.1.0.h1121.eulerosv2r10\",\n \"kernel-tools-libs-4.19.90-vhulk2204.1.0.h1121.eulerosv2r10\",\n \"kernel-tools-libs-devel-4.19.90-vhulk2204.1.0.h1121.eulerosv2r10\",\n \"perf-4.19.90-vhulk2204.1.0.h1121.eulerosv2r10\",\n \"python3-perf-4.19.90-vhulk2204.1.0.h1121.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:33:33", "description": "According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - In aio_poll_complete_work of aio.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-185125206References: Upstream kernel (CVE-2021-39698)\n\n - Product: AndroidVersions: Android kernelAndroid ID: A-173788806References: Upstream kernel (CVE-2021-39713)\n\n - Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. (CVE-2022-0001)\n\n - Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. (CVE-2022-0002)\n\n - A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) to create issues with confidentiality. (CVE-2022-0494)\n\n - A memory leak flaw was found in the Linux kernel's DMA subsystem, in the way a user calls DMA_FROM_DEVICE.\n This flaw allows a local user to read random memory from the kernel space. (CVE-2022-0854)\n\n - A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/drm_lease.c in the Linux kernel due to a race problem. This flaw allows a local user privilege attacker to cause a denial of service (DoS) or a kernel information leak. (CVE-2022-1280)\n\n - A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information. (CVE-2022-1353)\n\n - A NULL pointer dereference flaw was found in the Linux kernel's X.25 set of standardized network protocols functionality in the way a user terminates their session using a simulated Ethernet card and continued usage of this connection. This flaw allows a local user to crash the system. (CVE-2022-1516)\n\n - In mmc_blk_read_single of block.c, there is a possible way to read kernel heap memory due to uninitialized data. This could lead to local information disclosure if reading from an SD card that triggers errors, with no additional execution privileges needed. User interaction is not needed for exploitation.Product:\n AndroidVersions: Android kernelAndroid ID: A-216481035References: Upstream kernel (CVE-2022-20008)\n\n - Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer (BHB) to influence mispredicted branches. Then, cache allocation can allow the attacker to obtain sensitive information. (CVE-2022-23960)\n\n - usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double free. (CVE-2022-28388)\n\n - mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free. (CVE-2022-28389)\n\n - ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.\n (CVE-2022-28390)\n\n - In the Linux kernel before 5.17.3, fs/io_uring.c has a use-after-free due to a race condition in io_uring timeouts. This can be triggered by a local user who has no access to any user namespace; however, the race condition perhaps can only be exploited infrequently. (CVE-2022-29582)\n\n - No description is available for this CVE. (CVE-2022-1198)\n\n - kernel: Null pointer dereference and use after free in ax25_release() (CVE-2022-1199)\n\n - A NULL pointer dereference flaw was found in the Linux kernel's Amateur Radio AX.25 protocol functionality in the way a user connects with the protocol. This flaw allows a local user to crash the system.\n (CVE-2022-1205)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-07-29T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP10 : kernel (EulerOS-SA-2022-2159)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-39698", "CVE-2021-39713", "CVE-2022-0001", "CVE-2022-0002", "CVE-2022-0494", "CVE-2022-0854", "CVE-2022-1198", "CVE-2022-1199", "CVE-2022-1205", "CVE-2022-1280", "CVE-2022-1353", "CVE-2022-1516", "CVE-2022-20008", "CVE-2022-23960", "CVE-2022-28388", "CVE-2022-28389", "CVE-2022-28390", "CVE-2022-29582"], "modified": "2022-10-19T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:kernel", "p-cpe:/a:huawei:euleros:kernel-abi-stablelists", "p-cpe:/a:huawei:euleros:kernel-tools", "p-cpe:/a:huawei:euleros:kernel-tools-libs", "p-cpe:/a:huawei:euleros:python3-perf", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-2159.NASL", "href": "https://www.tenable.com/plugins/nessus/163543", "sourceData": "##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163543);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/10/19\");\n\n script_cve_id(\n \"CVE-2021-39698\",\n \"CVE-2021-39713\",\n \"CVE-2022-0001\",\n \"CVE-2022-0002\",\n \"CVE-2022-0494\",\n \"CVE-2022-0854\",\n \"CVE-2022-1198\",\n \"CVE-2022-1199\",\n \"CVE-2022-1205\",\n \"CVE-2022-1280\",\n \"CVE-2022-1353\",\n \"CVE-2022-1516\",\n \"CVE-2022-20008\",\n \"CVE-2022-23960\",\n \"CVE-2022-28388\",\n \"CVE-2022-28389\",\n \"CVE-2022-28390\",\n \"CVE-2022-29582\"\n );\n\n script_name(english:\"EulerOS 2.0 SP10 : kernel (EulerOS-SA-2022-2159)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - In aio_poll_complete_work of aio.c, there is a possible memory corruption due to a use after free. This\n could lead to local escalation of privilege with no additional execution privileges needed. User\n interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-185125206References: Upstream kernel (CVE-2021-39698)\n\n - Product: AndroidVersions: Android kernelAndroid ID: A-173788806References: Upstream kernel\n (CVE-2021-39713)\n\n - Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may\n allow an authorized user to potentially enable information disclosure via local access. (CVE-2022-0001)\n\n - Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an\n authorized user to potentially enable information disclosure via local access. (CVE-2022-0002)\n\n - A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in\n the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or\n CAP_SYS_RAWIO) to create issues with confidentiality. (CVE-2022-0494)\n\n - A memory leak flaw was found in the Linux kernel's DMA subsystem, in the way a user calls DMA_FROM_DEVICE.\n This flaw allows a local user to read random memory from the kernel space. (CVE-2022-0854)\n\n - A use-after-free vulnerability was found in drm_lease_held in drivers/gpu/drm/drm_lease.c in the Linux\n kernel due to a race problem. This flaw allows a local user privilege attacker to cause a denial of\n service (DoS) or a kernel information leak. (CVE-2022-1280)\n\n - A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This\n flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a\n leak of internal kernel information. (CVE-2022-1353)\n\n - A NULL pointer dereference flaw was found in the Linux kernel's X.25 set of standardized network protocols\n functionality in the way a user terminates their session using a simulated Ethernet card and continued\n usage of this connection. This flaw allows a local user to crash the system. (CVE-2022-1516)\n\n - In mmc_blk_read_single of block.c, there is a possible way to read kernel heap memory due to uninitialized\n data. This could lead to local information disclosure if reading from an SD card that triggers errors,\n with no additional execution privileges needed. User interaction is not needed for exploitation.Product:\n AndroidVersions: Android kernelAndroid ID: A-216481035References: Upstream kernel (CVE-2022-20008)\n\n - Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation,\n aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer (BHB) to\n influence mispredicted branches. Then, cache allocation can allow the attacker to obtain sensitive\n information. (CVE-2022-23960)\n\n - usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double\n free. (CVE-2022-28388)\n\n - mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double\n free. (CVE-2022-28389)\n\n - ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.\n (CVE-2022-28390)\n\n - In the Linux kernel before 5.17.3, fs/io_uring.c has a use-after-free due to a race condition in io_uring\n timeouts. This can be triggered by a local user who has no access to any user namespace; however, the race\n condition perhaps can only be exploited infrequently. (CVE-2022-29582)\n\n - No description is available for this CVE. (CVE-2022-1198)\n\n - kernel: Null pointer dereference and use after free in ax25_release() (CVE-2022-1199)\n\n - A NULL pointer dereference flaw was found in the Linux kernel's Amateur Radio AX.25 protocol functionality\n in the way a user connects with the protocol. This flaw allows a local user to crash the system.\n (CVE-2022-1205)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-2159\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?57bf4fc0\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-39698\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-28390\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-abi-stablelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(10)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"kernel-4.19.90-vhulk2204.1.0.h1121.eulerosv2r10\",\n \"kernel-abi-stablelists-4.19.90-vhulk2204.1.0.h1121.eulerosv2r10\",\n \"kernel-tools-4.19.90-vhulk2204.1.0.h1121.eulerosv2r10\",\n \"kernel-tools-libs-4.19.90-vhulk2204.1.0.h1121.eulerosv2r10\",\n \"python3-perf-4.19.90-vhulk2204.1.0.h1121.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"10\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-10T16:43:47", "description": "The version of kernel installed on the remote host is prior to 5.10.112-108.499. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2023-036 advisory.\n\n - A denial of service (DOS) issue was found in the Linux kernel's smb2_ioctl_query_info function in the fs/cifs/smb2ops.c Common Internet File System (CIFS) due to an incorrect return from the memdup_user function. This flaw allows a local, privileged (CAP_SYS_ADMIN) attacker to crash the system.\n (CVE-2022-0168)\n\n - A flaw was found in KVM. When updating a guest's page table entry, vm_pgoff was improperly used as the offset to get the page's pfn. As vaddr and vm_pgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace region and potentially corrupt the kernel, resulting in a denial of service condition. (CVE-2022-1158)\n\n - A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information. (CVE-2022-1353)\n\n - In the Linux kernel before 5.17.3, fs/io_uring.c has a use-after-free due to a race condition in io_uring timeouts. This can be triggered by a local user who has no access to any user namespace; however, the race condition perhaps can only be exploited infrequently. (CVE-2022-29582)\n\n - A flaw that boot CPU could be vulnerable for the speculative execution behavior kind of attacks in the Linux kernel X86 CPU Power management options functionality was found in the way user resuming CPU from suspend-to-RAM. A local user could use this flaw to potentially get unauthorized access to some memory of the CPU similar to the speculative execution behavior kind of attacks. (CVE-2023-1637)\n\n - Improper restriction of operations within the bounds of a memory buffer in some Intel(R) i915 Graphics drivers for linux before kernel version 6.2.10 may allow an authenticated user to potentially enable escalation of privilege via local access. (CVE-2023-28410)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-09-06T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : kernel (ALASKERNEL-5.10-2023-036)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-0168", "CVE-2022-1158", "CVE-2022-1353", "CVE-2022-29582", "CVE-2023-1637", "CVE-2023-28410"], "modified": "2023-09-07T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:bpftool", "p-cpe:/a:amazon:linux:bpftool-debuginfo", "p-cpe:/a:amazon:linux:kernel", "p-cpe:/a:amazon:linux:kernel-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:amazon:linux:kernel-devel", "p-cpe:/a:amazon:linux:kernel-headers", "p-cpe:/a:amazon:linux:kernel-livepatch-5.10.112-108.499", "p-cpe:/a:amazon:linux:kernel-tools", "p-cpe:/a:amazon:linux:kernel-tools-debuginfo", "p-cpe:/a:amazon:linux:kernel-tools-devel", "p-cpe:/a:amazon:linux:perf", "p-cpe:/a:amazon:linux:perf-debuginfo", "p-cpe:/a:amazon:linux:python-perf", "p-cpe:/a:amazon:linux:python-perf-debuginfo", "cpe:/o:amazon:linux:2"], "id": "AL2_ALASKERNEL-5_10-2023-036.NASL", "href": "https://www.tenable.com/plugins/nessus/180564", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALASKERNEL-5.10-2023-036.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(180564);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/09/07\");\n\n script_cve_id(\n \"CVE-2022-0168\",\n \"CVE-2022-1158\",\n \"CVE-2022-1353\",\n \"CVE-2022-29582\",\n \"CVE-2023-1637\",\n \"CVE-2023-28410\"\n );\n\n script_name(english:\"Amazon Linux 2 : kernel (ALASKERNEL-5.10-2023-036)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of kernel installed on the remote host is prior to 5.10.112-108.499. It is, therefore, affected by multiple\nvulnerabilities as referenced in the ALAS2KERNEL-5.10-2023-036 advisory.\n\n - A denial of service (DOS) issue was found in the Linux kernel's smb2_ioctl_query_info function in the\n fs/cifs/smb2ops.c Common Internet File System (CIFS) due to an incorrect return from the memdup_user\n function. This flaw allows a local, privileged (CAP_SYS_ADMIN) attacker to crash the system.\n (CVE-2022-0168)\n\n - A flaw was found in KVM. When updating a guest's page table entry, vm_pgoff was improperly used as the\n offset to get the page's pfn. As vaddr and vm_pgoff are controllable by user-mode processes, this flaw\n allows unprivileged local users on the host to write outside the userspace region and potentially corrupt\n the kernel, resulting in a denial of service condition. (CVE-2022-1158)\n\n - A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This\n flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a\n leak of internal kernel information. (CVE-2022-1353)\n\n - In the Linux kernel before 5.17.3, fs/io_uring.c has a use-after-free due to a race condition in io_uring\n timeouts. This can be triggered by a local user who has no access to any user namespace; however, the race\n condition perhaps can only be exploited infrequently. (CVE-2022-29582)\n\n - A flaw that boot CPU could be vulnerable for the speculative execution behavior kind of attacks in the\n Linux kernel X86 CPU Power management options functionality was found in the way user resuming CPU from\n suspend-to-RAM. A local user could use this flaw to potentially get unauthorized access to some memory of\n the CPU similar to the speculative execution behavior kind of attacks. (CVE-2023-1637)\n\n - Improper restriction of operations within the bounds of a memory buffer in some Intel(R) i915 Graphics\n drivers for linux before kernel version 6.2.10 may allow an authenticated user to potentially enable\n escalation of privilege via local access. (CVE-2023-28410)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2/ALASKERNEL-5.10-2023-036.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-0168.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-1158.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-1353.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-29582.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2023-1637.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2023-28410.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/faqs.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update kernel' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-29582\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2023-28410\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/04/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/06/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/09/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:bpftool-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-aarch64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-livepatch-5.10.112-108.499\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"kpatch.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\ninclude(\"hotfixes.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar alas_release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d+|-\\d+)\", string:alas_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif (get_one_kb_item(\"Host/kpatch/kernel-cves\"))\n{\n set_hotfix_type(\"kpatch\");\n var cve_list = make_list(\"CVE-2022-0168\", \"CVE-2022-1158\", \"CVE-2022-1353\", \"CVE-2022-29582\", \"CVE-2023-1637\", \"CVE-2023-28410\");\n if (hotfix_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"kpatch hotfix for ALASKERNEL-5.10-2023-036\");\n }\n else\n {\n __rpm_report = hotfix_reporting_text();\n }\n}\nvar pkgs = [\n {'reference':'bpftool-5.10.112-108.499.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'bpftool-5.10.112-108.499.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'bpftool-debuginfo-5.10.112-108.499.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'bpftool-debuginfo-5.10.112-108.499.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-5.10.112-108.499.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-5.10.112-108.499.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-debuginfo-5.10.112-108.499.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-debuginfo-5.10.112-108.499.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-debuginfo-common-aarch64-5.10.112-108.499.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-debuginfo-common-x86_64-5.10.112-108.499.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-devel-5.10.112-108.499.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-devel-5.10.112-108.499.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-headers-5.10.112-108.499.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-headers-5.10.112-108.499.amzn2', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-headers-5.10.112-108.499.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-livepatch-5.10.112-108.499-1.0-0.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-livepatch-5.10.112-108.499-1.0-0.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-tools-5.10.112-108.499.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-tools-5.10.112-108.499.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-tools-debuginfo-5.10.112-108.499.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-tools-debuginfo-5.10.112-108.499.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-tools-devel-5.10.112-108.499.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'kernel-tools-devel-5.10.112-108.499.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'perf-5.10.112-108.499.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'perf-5.10.112-108.499.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'perf-debuginfo-5.10.112-108.499.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'perf-debuginfo-5.10.112-108.499.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'python-perf-5.10.112-108.499.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'python-perf-5.10.112-108.499.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'python-perf-debuginfo-5.10.112-108.499.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'},\n {'reference':'python-perf-debuginfo-5.10.112-108.499.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-5.10'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bpftool / bpftool-debuginfo / kernel / etc\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:32:02", "description": "The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5514-1 advisory.\n\n - A use-after-free vulnerability was found in the Linux kernel in drivers/net/hamradio. This flaw allows a local attacker with a user privilege to cause a denial of service (DOS) when the mkiss or sixpack device is detached and reclaim resources early. (CVE-2022-1195)\n\n - With shadow paging enabled, the INVPCID instruction results in a call to kvm_mmu_invpcid_gva. If INVPCID is executed with CR0.PG=0, the invlpg callback is not set and the result is a NULL pointer dereference.\n (CVE-2022-1789)\n\n - drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function.\n (CVE-2022-33981)\n\n - kernel: Null pointer dereference and use after free in ax25_release() (CVE-2022-1199)\n\n - A use-after-free flaw was found in the Linux kernel's Amateur Radio AX.25 protocol functionality in the way a user connects with the protocol. This flaw allows a local user to crash the system. (CVE-2022-1204)\n\n - A NULL pointer dereference flaw was found in the Linux kernel's Amateur Radio AX.25 protocol functionality in the way a user connects with the protocol. This flaw allows a local user to crash the system.\n (CVE-2022-1205)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-07-14T00:00:00", "type": "nessus", "title": "Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-5514-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1195", "CVE-2022-1199", "CVE-2022-1204", "CVE-2022-1205", "CVE-2022-1789", "CVE-2022-33981"], "modified": "2023-01-17T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1029-ibm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1049-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1071-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1078-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1081-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1086-azurefde", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-122-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-122-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-122-lowlatency", "p-cpe:/a:canonical:ubuntu_linux:linux-image-aws", "p-cpe:/a:canonical:ubuntu_linux:linux-image-azurefde", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gke", "p-cpe:/a:canonical:ubuntu_linux:linux-image-gkeop", "p-cpe:/a:canonical:ubuntu_linux:linux-image-ibm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm", "p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency"], "id": "UBUNTU_USN-5514-1.NASL", "href": "https://www.tenable.com/plugins/nessus/163113", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5514-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163113);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/17\");\n\n script_cve_id(\n \"CVE-2022-1195\",\n \"CVE-2022-1199\",\n \"CVE-2022-1204\",\n \"CVE-2022-1205\",\n \"CVE-2022-1789\",\n \"CVE-2022-33981\"\n );\n script_xref(name:\"USN\", value:\"5514-1\");\n\n script_name(english:\"Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-5514-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 18.04 LTS / 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the USN-5514-1 advisory.\n\n - A use-after-free vulnerability was found in the Linux kernel in drivers/net/hamradio. This flaw allows a\n local attacker with a user privilege to cause a denial of service (DOS) when the mkiss or sixpack device\n is detached and reclaim resources early. (CVE-2022-1195)\n\n - With shadow paging enabled, the INVPCID instruction results in a call to kvm_mmu_invpcid_gva. If INVPCID\n is executed with CR0.PG=0, the invlpg callback is not set and the result is a NULL pointer dereference.\n (CVE-2022-1789)\n\n - drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of\n a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function.\n (CVE-2022-33981)\n\n - kernel: Null pointer dereference and use after free in ax25_release() (CVE-2022-1199)\n\n - A use-after-free flaw was found in the Linux kernel's Amateur Radio AX.25 protocol functionality in the\n way a user connects with the protocol. This flaw allows a local user to crash the system. (CVE-2022-1204)\n\n - A NULL pointer dereference flaw was found in the Linux kernel's Amateur Radio AX.25 protocol functionality\n in the way a user connects with the protocol. This flaw allows a local user to crash the system.\n (CVE-2022-1205)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5514-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-1789\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/04/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1029-ibm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1049-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1071-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1078-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1081-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-1086-azurefde\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-122-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-122-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-5.4.0-122-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-azurefde\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gke\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-gkeop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-ibm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2022-2023 Canonical, Inc. / NASL script (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\ninclude('ksplice.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nvar release = chomp(release);\nif (! preg(pattern:\"^(18\\.04|20\\.04)$\", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 18.04 / 20.04', 'Ubuntu ' + release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar machine_kernel_release = get_kb_item_or_exit('Host/uname-r');\nif (machine_kernel_release)\n{\n if (! preg(pattern:\"^(5.4.0-\\d{3}-(generic|generic-lpae|lowlatency)|5.4.0-\\d{4}-(aws|azure-fde|gke|gkeop|ibm|kvm))$\", string:machine_kernel_release)) audit(AUDIT_INST_VER_NOT_VULN, 'kernel ' + machine_kernel_release);\n var extra = '';\n var kernel_mappings = {\n \"5.4.0-\\d{3}-(generic|generic-lpae|lowlatency)\" : \"5.4.0-122\",\n \"5.4.0-\\d{4}-aws\" : \"5.4.0-1081\",\n \"5.4.0-\\d{4}-azure-fde\" : \"5.4.0-1086\",\n \"5.4.0-\\d{4}-gke\" : \"5.4.0-1078\",\n \"5.4.0-\\d{4}-gkeop\" : \"5.4.0-1049\",\n \"5.4.0-\\d{4}-ibm\" : \"5.4.0-1029\",\n \"5.4.0-\\d{4}-kvm\" : \"5.4.0-1071\"\n };\n var trimmed_kernel_release = ereg_replace(string:machine_kernel_release, pattern:\"(-\\D+)$\", replace:'');\n foreach var kernel_regex (keys(kernel_mappings)) {\n if (preg(pattern:kernel_regex, string:machine_kernel_release)) {\n if (deb_ver_cmp(ver1:trimmed_kernel_release, ver2:kernel_mappings[kernel_regex]) < 0)\n {\n extra = extra + 'Running Kernel level of ' + trimmed_kernel_release + ' does not meet the minimum fixed level of ' + kernel_mappings[kernel_regex] + ' for this advisory.\\n\\n';\n }\n else\n {\n audit(AUDIT_PATCH_INSTALLED, 'Kernel package for USN-5514-1');\n }\n }\n }\n}\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n var cve_list = make_list('CVE-2022-1195', 'CVE-2022-1199', 'CVE-2022-1204', 'CVE-2022-1205', 'CVE-2022-1789', 'CVE-2022-33981');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for USN-5514-1');\n }\n else\n {\n extra = extra + ksplice_reporting_text();\n }\n}\nif (extra) {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-30T17:20:46", "description": "The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5173 advisory.\n\n - net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free. (CVE-2022-32250)\n\n - An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1 versions of control groups. A local user could use this flaw to crash the system or escalate their privileges on the system. (CVE-2021-4197)\n\n - A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) to create issues with confidentiality. (CVE-2022-0494)\n\n - An information leak flaw was found in NFS over RDMA in the net/sunrpc/xprtrdma/rpc_rdma.c in the Linux Kernel. This flaw allows an attacker with normal user privileges to leak kernel information.\n (CVE-2022-0812)\n\n - A memory leak flaw was found in the Linux kernel's DMA subsystem, in the way a user calls DMA_FROM_DEVICE.\n This flaw allows a local user to read random memory from the kernel space. (CVE-2022-0854)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-07-04T00:00:00", "type": "nessus", "title": "Debian DSA-5173-1 : linux - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-4197", "CVE-2022-0494", "CVE-2022-0812", "CVE-2022-0854", "CVE-2022-1011", "CVE-2022-1012", "CVE-2022-1016", "CVE-2022-1048", "CVE-2022-1184", "CVE-2022-1195", "CVE-2022-1198", "CVE-2022-1199", "CVE-2022-1204", "CVE-2022-1205", "CVE-2022-1353", "CVE-2022-1419", "CVE-2022-1516", "CVE-2022-1652", "CVE-2022-1729", "CVE-2022-1734", "CVE-2022-1974", "CVE-2022-1975", "CVE-2022-21123", "CVE-2022-21125", "CVE-2022-21166", "CVE-2022-2153", "CVE-2022-23960", "CVE-2022-26490", "CVE-2022-27666", "CVE-2022-28356", "CVE-2022-28388", "CVE-2022-28389", "CVE-2022-28390", "CVE-2022-29581", "CVE-2022-30594", "CVE-2022-32250", "CVE-2022-32296", "CVE-2022-33981"], "modified": "2023-03-21T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-arm64", "p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-octeon", "p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-rt-arm64", "p-cpe:/a:debian:debian_linux:linux-libc-dev", "p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-all-arm64", "p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-armmp", "p-cpe:/a:debian:debian_linux:linux-image-arm64-signed-template", "p-cpe:/a:debian:debian_linux:usbip", "p-cpe:/a:debian:debian_linux:libbpf4.19", "p-cpe:/a:debian:debian_linux:libcpupower1", "p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-all-s390x", "p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-common", "p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-rpi", "p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-4kc-malta-dbg", "p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-armmlpae", "p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-all-amd64", "p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-armmlpae", "p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-arm64-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-armmp", "p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-powerpc64le", "p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-all-armel", "p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-all-armhf", "p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-686-pae-unsigned", "cpe:/o:debian:debian_linux:10.0", "p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-686-pae", "p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-all", "p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-powerpc64le", "p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-rpi-dbg", "p-cpe:/a:debian:debian_linux:libcpupower-dev", "p-cpe:/a:debian:debian_linux:linux-compiler-gcc-8-x86", "p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-all-ppc64el", "p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-cloud-amd64", "p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-s390x", "p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-4kc-malta", "p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-686-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-loongson-3", "p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-rt-686-pae-unsigned", "p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-all-mips64el", "p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-marvell-dbg", "p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-powerpc64le-dbg", "p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-rt-arm64-dbg", "p-cpe:/a:debian:debian_linux:linux-doc-4.19", "p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-amd64", "p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-loongson-3", "p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-rt-686-pae", "p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-loongson-3-dbg", "p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-marvell", "p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-octeon-dbg", "p-cpe:/a:debian:debian_linux:libbpf-dev", "p-cpe:/a:debian:debian_linux:linux-config-4.19", "p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-5kc-malta", "p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-5kc-malta-dbg", "p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-rpi", "p-cpe:/a:debian:debian_linux:linux-kbuild-4.19", "p-cpe:/a:debian:debian_linux:linux-compiler-gcc-8-s390", "p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-all-i386", "p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-all-mipsel", "p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-common-rt", "p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-marvell", "p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-686-pae-dbg", "p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-cloud-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-cloud-amd64-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-rt-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-amd64-signed-template", "p-cpe:/a:debian:debian_linux:linux-image-i386-signed-template", "p-cpe:/a:debian:debian_linux:linux-cpupower", "p-cpe:/a:debian:debian_linux:linux-perf-4.19", "p-cpe:/a:debian:debian_linux:hyperv-daemons", "p-cpe:/a:debian:debian_linux:linux-compiler-gcc-8-arm", "p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-armmlpae-dbg", "p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-rt-arm64-unsigned", "p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-4kc-malta", "p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-rt-amd64", "p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-686-dbg", "p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-amd64-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-octeon", "p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-rt-686-pae-dbg", "p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-rt-amd64-unsigned", "p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-s390x-dbg", "p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-686", "p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-all-mips", "p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-arm64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-armmdbg", "p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-rt-armmp", "p-cpe:/a:debian:debian_linux:linux-support-4.19.0-19", "p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-5kc-malta", "p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-rt-armmp", "p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-rt-armmdbg", "p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-s390x", "p-cpe:/a:debian:debian_linux:linux-source-4.19"], "id": "DEBIAN_DSA-5173.NASL", "href": "https://www.tenable.com/plugins/nessus/162703", "sourceData": "#\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dsa-5173. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(162703);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/21\");\n\n script_cve_id(\n \"CVE-2021-4197\",\n \"CVE-2022-0494\",\n \"CVE-2022-0812\",\n \"CVE-2022-0854\",\n \"CVE-2022-1011\",\n \"CVE-2022-1012\",\n \"CVE-2022-1016\",\n \"CVE-2022-1048\",\n \"CVE-2022-1184\",\n \"CVE-2022-1195\",\n \"CVE-2022-1198\",\n \"CVE-2022-1199\",\n \"CVE-2022-1204\",\n \"CVE-2022-1205\",\n \"CVE-2022-1353\",\n \"CVE-2022-1419\",\n \"CVE-2022-1516\",\n \"CVE-2022-1652\",\n \"CVE-2022-1729\",\n \"CVE-2022-1734\",\n \"CVE-2022-1974\",\n \"CVE-2022-1975\",\n \"CVE-2022-2153\",\n \"CVE-2022-21123\",\n \"CVE-2022-21125\",\n \"CVE-2022-21166\",\n \"CVE-2022-23960\",\n \"CVE-2022-26490\",\n \"CVE-2022-27666\",\n \"CVE-2022-28356\",\n \"CVE-2022-28388\",\n \"CVE-2022-28389\",\n \"CVE-2022-28390\",\n \"CVE-2022-29581\",\n \"CVE-2022-30594\",\n \"CVE-2022-32250\",\n \"CVE-2022-32296\",\n \"CVE-2022-33981\"\n );\n\n script_name(english:\"Debian DSA-5173-1 : linux - security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the\ndsa-5173 advisory.\n\n - net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create\n user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to\n a use-after-free. (CVE-2022-32250)\n\n - An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces\n subsystem was found in the way users have access to some less privileged process that are controlled by\n cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1 versions of\n control groups. A local user could use this flaw to crash the system or escalate their privileges on the\n system. (CVE-2021-4197)\n\n - A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in\n the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or\n CAP_SYS_RAWIO) to create issues with confidentiality. (CVE-2022-0494)\n\n - An information leak flaw was found in NFS over RDMA in the net/sunrpc/xprtrdma/rpc_rdma.c in the Linux\n Kernel. This flaw allows an attacker with normal user privileges to leak kernel information.\n (CVE-2022-0812)\n\n - A memory leak flaw was found in the Linux kernel's DMA subsystem, in the way a user calls DMA_FROM_DEVICE.\n This flaw allows a local user to read random memory from the kernel space. (CVE-2022-0854)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922204\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/linux\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/security/2022/dsa-5173\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-4197\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0494\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0812\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-0854\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-1011\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-1012\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-1016\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-1048\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-1184\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-1195\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-1198\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-1199\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-1204\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-1205\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-1353\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-1419\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-1516\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-1652\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-1729\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-1734\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-1974\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-1975\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-21123\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-21125\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-21166\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-2153\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-23960\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-26490\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-27666\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-28356\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-28388\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-28389\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-28390\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-29581\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-30594\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-32250\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-32296\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-33981\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/buster/linux\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-32250\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-1012\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/07/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:hyperv-daemons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libbpf-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libbpf4.19\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libcpupower-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libcpupower1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-compiler-gcc-8-arm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-compiler-gcc-8-s390\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-compiler-gcc-8-x86\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-config-4.19\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-cpupower\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-doc-4.19\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-4kc-malta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-5kc-malta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-686-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-all-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-all-arm64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-all-armel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-all-armhf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-all-i386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-all-mips\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-all-mips64el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-all-mipsel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-all-ppc64el\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-all-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-arm64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-armmlpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-cloud-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-common-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-loongson-3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-marvell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-octeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-powerpc64le\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-rpi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-rt-686-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-rt-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-rt-arm64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-rt-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-4.19.0-19-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-4kc-malta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-4kc-malta-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-5kc-malta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-5kc-malta-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-686-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-686-pae-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-686-pae-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-686-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-amd64-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-arm64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-arm64-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-armmdbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-armmlpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-armmlpae-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-cloud-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-cloud-amd64-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-loongson-3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-loongson-3-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-marvell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-marvell-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-octeon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-octeon-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-powerpc64le\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-powerpc64le-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-rpi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-rpi-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-rt-686-pae-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-rt-686-pae-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-rt-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-rt-amd64-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-rt-arm64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-rt-arm64-unsigned\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-rt-armmdbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-rt-armmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-4.19.0-19-s390x-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-amd64-signed-template\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-arm64-signed-template\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-i386-signed-template\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-kbuild-4.19\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-libc-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-perf-4.19\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-source-4.19\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-support-4.19.0-19\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:usbip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar release = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nvar release = chomp(release);\nif (! preg(pattern:\"^(10)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 10.0', 'Debian ' + release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '10.0', 'prefix': 'hyperv-daemons', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'libbpf-dev', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'libbpf4.19', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'libcpupower-dev', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'libcpupower1', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-compiler-gcc-8-arm', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-compiler-gcc-8-s390', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-compiler-gcc-8-x86', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-config-4.19', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-cpupower', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-doc-4.19', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-4kc-malta', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-5kc-malta', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-686', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-686-pae', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-all', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-all-amd64', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-all-arm64', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-all-armel', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-all-armhf', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-all-i386', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-all-mips', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-all-mips64el', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-all-mipsel', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-all-ppc64el', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-all-s390x', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-amd64', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-arm64', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-armmp', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-armmp-lpae', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-cloud-amd64', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-common', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-common-rt', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-loongson-3', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-marvell', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-octeon', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-powerpc64le', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-rpi', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-rt-686-pae', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-rt-amd64', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-rt-arm64', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-rt-armmp', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-headers-4.19.0-19-s390x', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-image-4.19.0-19-4kc-malta', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-image-4.19.0-19-4kc-malta-dbg', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-image-4.19.0-19-5kc-malta', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-image-4.19.0-19-5kc-malta-dbg', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-image-4.19.0-19-686-dbg', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-image-4.19.0-19-686-pae-dbg', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-image-4.19.0-19-686-pae-unsigned', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-image-4.19.0-19-686-unsigned', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-image-4.19.0-19-amd64-dbg', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-image-4.19.0-19-amd64-unsigned', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-image-4.19.0-19-arm64-dbg', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-image-4.19.0-19-arm64-unsigned', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-image-4.19.0-19-armmp', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-image-4.19.0-19-armmp-dbg', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-image-4.19.0-19-armmp-lpae', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-image-4.19.0-19-armmp-lpae-dbg', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-image-4.19.0-19-cloud-amd64-dbg', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-image-4.19.0-19-cloud-amd64-unsigned', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-image-4.19.0-19-loongson-3', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-image-4.19.0-19-loongson-3-dbg', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-image-4.19.0-19-marvell', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-image-4.19.0-19-marvell-dbg', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-image-4.19.0-19-octeon', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-image-4.19.0-19-octeon-dbg', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-image-4.19.0-19-powerpc64le', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-image-4.19.0-19-powerpc64le-dbg', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-image-4.19.0-19-rpi', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-image-4.19.0-19-rpi-dbg', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-image-4.19.0-19-rt-686-pae-dbg', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-image-4.19.0-19-rt-686-pae-unsigned', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-image-4.19.0-19-rt-amd64-dbg', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-image-4.19.0-19-rt-amd64-unsigned', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-image-4.19.0-19-rt-arm64-dbg', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-image-4.19.0-19-rt-arm64-unsigned', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-image-4.19.0-19-rt-armmp', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-image-4.19.0-19-rt-armmp-dbg', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-image-4.19.0-19-s390x', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-image-4.19.0-19-s390x-dbg', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-image-amd64-signed-template', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-image-arm64-signed-template', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-image-i386-signed-template', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-kbuild-4.19', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-libc-dev', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-perf-4.19', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-source-4.19', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'linux-support-4.19.0-19', 'reference': '4.19.249-2'},\n {'release': '10.0', 'prefix': 'usbip', 'reference': '4.19.249-2'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (release && prefix && reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'hyperv-daemons / libbpf-dev / libbpf4.19 / libcpupower-dev / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-14T12:38:47", "description": "The remote SUSE Linux SLES15 / SLES_SAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2776-1 advisory.\n\n - A use-after-free flaw was found in the Linux kernel's Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2022-1679)\n\n - In ip_check_mc_rcu of igmp.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege when opening and closing inet sockets with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-112551163References: Upstream kernel (CVE-2022-20141)\n\n - st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters. (CVE-2022-26490)\n\n - mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free. (CVE-2022-28389)\n\n - ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.\n (CVE-2022-28390)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-08-11T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : kernel (Live Patch 18 for SLE 15 SP2) (SUSE-SU-2022:2776-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1679", "CVE-2022-20141", "CVE-2022-26490", "CVE-2022-28389", "CVE-2022-28390"], "modified": "2023-07-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-24_78-default", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-2776-1.NASL", "href": "https://www.tenable.com/plugins/nessus/164064", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:2776-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(164064);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/14\");\n\n script_cve_id(\n \"CVE-2022-1679\",\n \"CVE-2022-20141\",\n \"CVE-2022-26490\",\n \"CVE-2022-28389\",\n \"CVE-2022-28390\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:2776-1\");\n\n script_name(english:\"SUSE SLES15 Security Update : kernel (Live Patch 18 for SLE 15 SP2) (SUSE-SU-2022:2776-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES15 / SLES_SAP15 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the SUSE-SU-2022:2776-1 advisory.\n\n - A use-after-free flaw was found in the Linux kernel's Atheros wireless adapter driver in the way a user\n forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local\n user to crash or potentially escalate their privileges on the system. (CVE-2022-1679)\n\n - In ip_check_mc_rcu of igmp.c, there is a possible use after free due to improper locking. This could lead\n to local escalation of privilege when opening and closing inet sockets with no additional execution\n privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android\n kernelAndroid ID: A-112551163References: Upstream kernel (CVE-2022-20141)\n\n - st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has\n EVT_TRANSACTION buffer overflows because of untrusted length parameters. (CVE-2022-26490)\n\n - mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double\n free. (CVE-2022-28389)\n\n - ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.\n (CVE-2022-28390)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1200605\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201080\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201517\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201656\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201657\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1679\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-20141\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-26490\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-28389\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-28390\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-August/011893.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1cf62b06\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel-livepatch-5_3_18-24_78-default package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-20141\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-28390\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-24_78-default\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)(?:_SAP)?\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15|SLES_SAP15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15 / SLES_SAP15', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(2)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP2\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES_SAP15\" && (! preg(pattern:\"^(2)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES_SAP15 SP2\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'kernel-livepatch-5_3_18-24_78-default-17-150200.2.2', 'sp':'2', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'kernel-livepatch-5_3_18-24_78-default-17-150200.2.2', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.2', 'sle-module-live-patching-release-15.2', 'sles-release-15.2']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-livepatch-5_3_18-24_78-default');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-14T10:42:11", "description": "The remote SUSE Linux SLES15 / SLES_SAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2783-1 advisory.\n\n - A use-after-free flaw was found in the Linux kernel's Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2022-1679)\n\n - In ip_check_mc_rcu of igmp.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege when opening and closing inet sockets with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-112551163References: Upstream kernel (CVE-2022-20141)\n\n - st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters. (CVE-2022-26490)\n\n - mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free. (CVE-2022-28389)\n\n - ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.\n (CVE-2022-28390)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-08-13T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : kernel (Live Patch 21 for SLE 15 SP2) (SUSE-SU-2022:2783-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1679", "CVE-2022-20141", "CVE-2022-26490", "CVE-2022-28389", "CVE-2022-28390"], "modified": "2023-07-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-24_93-default", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-2783-1.NASL", "href": "https://www.tenable.com/plugins/nessus/164097", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:2783-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(164097);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/14\");\n\n script_cve_id(\n \"CVE-2022-1679\",\n \"CVE-2022-20141\",\n \"CVE-2022-26490\",\n \"CVE-2022-28389\",\n \"CVE-2022-28390\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:2783-1\");\n\n script_name(english:\"SUSE SLES15 Security Update : kernel (Live Patch 21 for SLE 15 SP2) (SUSE-SU-2022:2783-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES15 / SLES_SAP15 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the SUSE-SU-2022:2783-1 advisory.\n\n - A use-after-free flaw was found in the Linux kernel's Atheros wireless adapter driver in the way a user\n forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local\n user to crash or potentially escalate their privileges on the system. (CVE-2022-1679)\n\n - In ip_check_mc_rcu of igmp.c, there is a possible use after free due to improper locking. This could lead\n to local escalation of privilege when opening and closing inet sockets with no additional execution\n privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android\n kernelAndroid ID: A-112551163References: Upstream kernel (CVE-2022-20141)\n\n - st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has\n EVT_TRANSACTION buffer overflows because of untrusted length parameters. (CVE-2022-26490)\n\n - mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double\n free. (CVE-2022-28389)\n\n - ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.\n (CVE-2022-28390)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1200605\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201080\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201517\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201656\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201657\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1679\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-20141\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-26490\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-28389\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-28390\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-August/011898.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?bbb9a720\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel-livepatch-5_3_18-24_93-default package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-20141\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-28390\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-livepatch-5_3_18-24_93-default\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)(?:_SAP)?\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15|SLES_SAP15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15 / SLES_SAP15', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(2)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP2\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES_SAP15\" && (! preg(pattern:\"^(2)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES_SAP15 SP2\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'kernel-livepatch-5_3_18-24_93-default-14-150200.2.2', 'sp':'2', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'kernel-livepatch-5_3_18-24_93-default-14-150200.2.2', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.2', 'sle-module-live-patching-release-15.2', 'sles-release-15.2']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-livepatch-5_3_18-24_93-default');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-14T15:00:30", "description": "The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1163-1 advisory.\n\n - In aio_poll_complete_work of aio.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-185125206References: Upstream kernel (CVE-2021-39698)\n\n - The check_alu_op() function in kernel/bpf/verifier.c in the Linux kernel through v5.16-rc5 did not properly update bounds while handling the mov32 instruction, which allows local users to obtain potentially sensitive address information, aka a pointer leak. (CVE-2021-45402)\n\n - In the Linux kernel before 5.15.3, fs/quota/quota_tree.c does not validate the block number in the quota tree (on disk). This can, for example, lead to a kernel/locking/rwsem.c use-after-free if there is a corrupted quota file. (CVE-2021-45868)\n\n - A vulnerability was found in linux kernel, where an information leak occurs via ext4_extent_header to userspace. (CVE-2022-0850)\n\n - A memory leak flaw was found in the Linux kernel's DMA subsystem, in the way a user calls DMA_FROM_DEVICE.\n This flaw allows a local user to read random memory from the kernel space. (CVE-2022-0854)\n\n - A use-after-free flaw was found in the Linux kernel's FUSE filesystem in the way a user triggers write().\n This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation. (CVE-2022-1011)\n\n - A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker. (CVE-2022-1016)\n\n - A use-after-free flaw was found in the Linux kernel's sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM for other ioctls. This flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2022-1048)\n\n - A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. The exploit requires unprivileged user namespaces. We recommend upgrading past commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5 (CVE-2022-1055)\n\n - A use-after-free vulnerability was found in the Linux kernel in drivers/net/hamradio. This flaw allows a local attacker with a user privilege to cause a denial of service (DOS) when the mkiss or sixpack device is detached and reclaim resources early. (CVE-2022-1195)\n\n - A use-after-free vulnerabilitity was discovered in drivers/net/hamradio/6pack.c of linux that allows an attacker to crash linux kernel by simulating ax25 device using 6pack driver from user space.\n (CVE-2022-1198)\n\n - A flaw was found in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simulating amateur radio from the user space, resulting in a null-ptr-deref vulnerability and a use-after-free vulnerability. (CVE-2022-1199)\n\n - A NULL pointer dereference flaw was found in the Linux kernel's Amateur Radio AX.25 protocol functionality in the way a user connects with the protocol. This flaw allows a local user to crash the system.\n (CVE-2022-1205)\n\n - Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished.\n The xenbus driver has a similar problem, as it doesn't check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042 (CVE-2022-23036, CVE-2022-23037, CVE-2022-23038, CVE-2022-23039, CVE-2022-23040, CVE-2022-23041, CVE-2022-23042)\n\n - In drivers/usb/gadget/udc/udc-xilinx.c in the Linux kernel before 5.16.12, the endpoint index is not validated and might be manipulated by the host for out-of-array access. (CVE-2022-27223)\n\n - A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat. (CVE-2022-27666)\n\n - usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double free. (CVE-2022-28388)\n\n - mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free. (CVE-2022-28389)\n\n - ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.\n (CVE-2022-28390)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-04-13T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : kernel (SUSE-SU-2022:1163-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-39698", "CVE-2021-45402", "CVE-2021-45868", "CVE-2022-0850", "CVE-2022-0854", "CVE-2022-1011", "CVE-2022-1016", "CVE-2022-1048", "CVE-2022-1055", "CVE-2022-1195", "CVE-2022-1198", "CVE-2022-1199", "CVE-2022-1205", "CVE-2022-23036", "CVE-2022-23037", "CVE-2022-23038", "CVE-2022-23039", "CVE-2022-23040", "CVE-2022-23041", "CVE-2022-23042", "CVE-2022-27223", "CVE-2022-27666", "CVE-2022-28388", "CVE-2022-28389", "CVE-2022-28390"], "modified": "2023-07-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-azure", "p-cpe:/a:novell:suse_linux:kernel-azure-devel", "p-cpe:/a:novell:suse_linux:kernel-devel-azure", "p-cpe:/a:novell:suse_linux:kernel-source-azure", "p-cpe:/a:novell:suse_linux:kernel-syms-azure", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-1163-1.NASL", "href": "https://www.tenable.com/plugins/nessus/159698", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:1163-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(159698);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/13\");\n\n script_cve_id(\n \"CVE-2021-39698\",\n \"CVE-2021-45402\",\n \"CVE-2021-45868\",\n \"CVE-2022-0850\",\n \"CVE-2022-0854\",\n \"CVE-2022-1011\",\n \"CVE-2022-1016\",\n \"CVE-2022-1048\",\n \"CVE-2022-1055\",\n \"CVE-2022-1195\",\n \"CVE-2022-1198\",\n \"CVE-2022-1199\",\n \"CVE-2022-1205\",\n \"CVE-2022-23036\",\n \"CVE-2022-23037\",\n \"CVE-2022-23038\",\n \"CVE-2022-23039\",\n \"CVE-2022-23040\",\n \"CVE-2022-23041\",\n \"CVE-2022-23042\",\n \"CVE-2022-27223\",\n \"CVE-2022-27666\",\n \"CVE-2022-28388\",\n \"CVE-2022-28389\",\n \"CVE-2022-28390\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:1163-1\");\n\n script_name(english:\"SUSE SLES15 Security Update : kernel (SUSE-SU-2022:1163-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the SUSE-SU-2022:1163-1 advisory.\n\n - In aio_poll_complete_work of aio.c, there is a possible memory corruption due to a use after free. This\n could lead to local escalation of privilege with no additional execution privileges needed. User\n interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:\n A-185125206References: Upstream kernel (CVE-2021-39698)\n\n - The check_alu_op() function in kernel/bpf/verifier.c in the Linux kernel through v5.16-rc5 did not\n properly update bounds while handling the mov32 instruction, which allows local users to obtain\n potentially sensitive address information, aka a pointer leak. (CVE-2021-45402)\n\n - In the Linux kernel before 5.15.3, fs/quota/quota_tree.c does not validate the block number in the quota\n tree (on disk). This can, for example, lead to a kernel/locking/rwsem.c use-after-free if there is a\n corrupted quota file. (CVE-2021-45868)\n\n - A vulnerability was found in linux kernel, where an information leak occurs via ext4_extent_header to\n userspace. (CVE-2022-0850)\n\n - A memory leak flaw was found in the Linux kernel's DMA subsystem, in the way a user calls DMA_FROM_DEVICE.\n This flaw allows a local user to read random memory from the kernel space. (CVE-2022-0854)\n\n - A use-after-free flaw was found in the Linux kernel's FUSE filesystem in the way a user triggers write().\n This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in\n privilege escalation. (CVE-2022-1011)\n\n - A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a\n use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel\n information leak problem caused by a local, unprivileged attacker. (CVE-2022-1016)\n\n - A use-after-free flaw was found in the Linux kernel's sound subsystem in the way a user triggers\n concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM\n for other ioctls. This flaw allows a local user to crash or potentially escalate their privileges on the\n system. (CVE-2022-1048)\n\n - A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain\n privilege escalation. The exploit requires unprivileged user namespaces. We recommend upgrading past\n commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5 (CVE-2022-1055)\n\n - A use-after-free vulnerability was found in the Linux kernel in drivers/net/hamradio. This flaw allows a\n local attacker with a user privilege to cause a denial of service (DOS) when the mkiss or sixpack device\n is detached and reclaim resources early. (CVE-2022-1195)\n\n - A use-after-free vulnerabilitity was discovered in drivers/net/hamradio/6pack.c of linux that allows an\n attacker to crash linux kernel by simulating ax25 device using 6pack driver from user space.\n (CVE-2022-1198)\n\n - A flaw was found in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simulating\n amateur radio from the user space, resulting in a null-ptr-deref vulnerability and a use-after-free\n vulnerability. (CVE-2022-1199)\n\n - A NULL pointer dereference flaw was found in the Linux kernel's Amateur Radio AX.25 protocol functionality\n in the way a user connects with the protocol. This flaw allows a local user to crash the system.\n (CVE-2022-1205)\n\n - Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to\n multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV\n device frontends are using the grant table interfaces for removing access rights of the backends in ways\n being subject to race conditions, resulting in potential data leaks, data corruption by malicious\n backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the\n gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they\n assume that a following removal of the granted access will always succeed, which is not true in case the\n backend has mapped the granted page between those two operations. As a result the backend can keep access\n to the memory page of the guest no matter how the page will be used after the frontend I/O has finished.\n The xenbus driver has a similar problem, as it doesn't check the success of removing the granted access of\n a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038\n gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus,\n 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no\n longer in use, but the freeing of the related data page is not synchronized with dropping the granted\n access. As a result the backend can keep access to the memory page even after it has been freed and then\n re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to\n revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which\n can be triggered by the backend. CVE-2022-23042 (CVE-2022-23036, CVE-2022-23037, CVE-2022-23038,\n CVE-2022-23039, CVE-2022-23040, CVE-2022-23041, CVE-2022-23042)\n\n - In drivers/usb/gadget/udc/udc-xilinx.c in the Linux kernel before 5.16.12, the endpoint index is not\n validated and might be manipulated by the host for out-of-array access. (CVE-2022-27223)\n\n - A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and\n net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap\n objects and may cause a local privilege escalation threat. (CVE-2022-27666)\n\n - usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double\n free. (CVE-2022-28388)\n\n - mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double\n free. (CVE-2022-28389)\n\n - ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.\n (CVE-2022-28390)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1065729\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1156395\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1175667\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1177028\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1178134\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1179639\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1180153\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1189562\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194589\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194625\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194649\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1194943\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1195051\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1195353\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1195640\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1195926\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1196018\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1196130\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1196196\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1196478\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1196488\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1196761\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1196823\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1196956\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197227\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197243\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197245\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197300\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197302\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197331\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197343\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197366\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197389\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197460\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197462\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197501\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197534\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197661\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197675\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197677\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197702\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197811\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197812\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197815\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197817\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197819\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197820\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197888\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197889\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1197894\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1198027\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1198028\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1198029\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1198030\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1198031\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1198032\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1198033\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1198077\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-39698\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-45402\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-45868\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0850\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-0854\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1011\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1016\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1048\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1055\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1195\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1198\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1199\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1205\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-23036\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-23037\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-23038\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-23039\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-23040\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-23041\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-23042\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-27223\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-27666\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-28388\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-28389\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-28390\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-April/010687.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?09b2530e\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-39698\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-27223\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/04/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/04/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-azure-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-devel-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-source-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms-azure\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)(?:_SAP)?\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15|SLES_SAP15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15 / SLES_SAP15', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(3)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP3\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES_SAP15\" && (! preg(pattern:\"^(3)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES_SAP15 SP3\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'kernel-azure-5.3.18-150300.38.53.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'kernel-azure-devel-5.3.18-150300.38.53.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'kernel-devel-azure-5.3.18-150300.38.53.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'kernel-source-azure-5.3.18-150300.38.53.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'kernel-syms-azure-5.3.18-150300.38.53.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'kernel-azure-5.3.18-150300.38.53.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-public-cloud-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-azure-devel-5.3.18-150300.38.53.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-public-cloud-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-devel-azure-5.3.18-150300.38.53.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-public-cloud-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-source-azure-5.3.18-150300.38.53.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-public-cloud-release-15.3', 'sles-release-15.3']},\n {'reference':'kernel-syms-azure-5.3.18-150300.38.53.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-public-cloud-release-15.3', 'sles-release-15.3']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-azure / kernel-azure-devel / kernel-devel-azure / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-14T10:40:49", "description": "The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2745-1 advisory.\n\n - The root cause of this vulnerability is that the ioctl$DRM_IOCTL_MODE_DESTROY_DUMB can decrease refcount of *drm_vgem_gem_object *(created in *vgem_gem_dumb_create*) concurrently, and *vgem_gem_dumb_create *will access the freed drm_vgem_gem_object. (CVE-2022-1419)\n\n - A use-after-free flaw was found in the Linux kernel's Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2022-1679)\n\n - In ip_check_mc_rcu of igmp.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege when opening and closing inet sockets with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-112551163References: Upstream kernel (CVE-2022-20141)\n\n - st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters. (CVE-2022-26490)\n\n - mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free. (CVE-2022-28389)\n\n - ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.\n (CVE-2022-28390)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-08-11T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (Live Patch 26 for SLE 12 SP5) (SUSE-SU-2022:2745-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-1419", "CVE-2022-1679", "CVE-2022-20141", "CVE-2022-26490", "CVE-2022-28389", "CVE-2022-28390"], "modified": "2023-07-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kgraft-patch-4_12_14-122_103-default", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2022-2745-1.NASL", "href": "https://www.tenable.com/plugins/nessus/164065", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:2745-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(164065);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/14\");\n\n script_cve_id(\n \"CVE-2022-1419\",\n \"CVE-2022-1679\",\n \"CVE-2022-20141\",\n \"CVE-2022-26490\",\n \"CVE-2022-28389\",\n \"CVE-2022-28390\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:2745-1\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (Live Patch 26 for SLE 12 SP5) (SUSE-SU-2022:2745-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2022:2745-1 advisory.\n\n - The root cause of this vulnerability is that the ioctl$DRM_IOCTL_MODE_DESTROY_DUMB can decrease refcount\n of *drm_vgem_gem_object *(created in *vgem_gem_dumb_create*) concurrently, and *vgem_gem_dumb_create *will\n access the freed drm_vgem_gem_object. (CVE-2022-1419)\n\n - A use-after-free flaw was found in the Linux kernel's Atheros wireless adapter driver in the way a user\n forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local\n user to crash or potentially escalate their privileges on the system. (CVE-2022-1679)\n\n - In ip_check_mc_rcu of igmp.c, there is a possible use after free due to improper locking. This could lead\n to local escalation of privilege when opening and closing inet sockets with no additional execution\n privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android\n kernelAndroid ID: A-112551163References: Upstream kernel (CVE-2022-20141)\n\n - st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has\n EVT_TRANSACTION buffer overflows because of untrusted length parameters. (CVE-2022-26490)\n\n - mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double\n free. (CVE-2022-28389)\n\n - ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.\n (CVE-2022-28390)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1200605\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201080\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201517\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201655\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201656\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1201657\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1419\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-1679\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-20141\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-26490\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-28389\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-28390\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-August/011889.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?73e26d84\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kgraft-patch-4_12_14-122_103-default package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-20141\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-28390\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/09/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-4_12_14-122_103-default\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES12', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(5)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES12 SP5\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'kgraft-patch-4_12_14-122_103-default-13-2.2', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-live-patching-release-12.5']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kgraft-patch-4_12_14-122_103-default');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-15T14:45:55", "description": "The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1402-1 advisory.\n\n - Product: AndroidVersions: Android kernelAndroid ID: A-173788806References: Upstream kernel (CVE-2021-39713)\n\n - In the Linux kernel before 5.15.3, fs/quota/quota_tree.c does not validate the block number in the quota tree (on disk). This can, for example, lead to a kernel/locking/rwsem.c use-after-free if there is a corrupted quota file. (CVE-2021-45868)\n\n - An information leak flaw was found in NFS over RDMA in the net/sunrpc/xprtrdma/rpc_rdma.c in the Linux Kernel. This flaw allows an attacker with normal user privileges to leak kernel information.\n (CVE-2022-0812)\n\n - A vulnerability was found in linux kernel, where an information leak occurs via ext4_extent_header to userspace. (CVE-2022-0850)\n\n - A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker. (CVE-2022-1016)\n\n - A use-after-free flaw was found in the Linux kernel's sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM for other ioctls. This flaw allows a local user to crash or potentially escalate their privileges on the system. (CVE-2022-1048)\n\n - Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished.\n The xenbus driver has a similar problem, as it doesn't check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042 (CVE-2022-23036, CVE-2022-23037, CVE-2022-23038, CVE-2022-23039, CVE-2022-23040, CVE-2022-23041, CVE-2022-23042)\n\n - st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters. (CVE-2022-26490)\n\n - An issue was discovered in the Linux kernel before 5.16.12. drivers/net/usb/sr9700.c allows attackers to obtain sensitive information from heap memory via crafted frame lengths from a device. (CVE-2022-26966)\n\n - A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat. (CVE-2022-27666)\n\n - In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c. (CVE-2022-28356)\n\n - usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double free. (CVE-2022-28388)\n\n - mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free. (CVE-2022-28389)\n\n - ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.\n (CVE-2022-28390)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-04-27T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2022:1402-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-39713", "CVE-2021-45868", "CVE-2022-0812", "CVE-2022-0850", "CVE-2022-1016", "CVE-2022-1048", "CVE-2022-23036", "CVE-2022-23037", "CVE-2022-23038", "CVE-2022-23039", "CVE-2022-23040", "CVE-2022-23041", "CVE-2022-23042", "CVE-2022-26490", "CVE-2022-26966", "CVE-2022-27666", "CVE-2022-28356", "CVE-2022-28388", "CVE-2022-28389", "CVE-2022-28390"], "modified": "2023-07-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:cluster-md-kmp-rt", "p-cpe:/a:novell:suse_linux:dlm-kmp-rt", "p-cpe:/a:novell:suse_linux:gfs2-kmp-rt", "p-cpe:/a:novell:suse_linux:kernel-devel-rt", "p-cpe:/a:novell:suse_linux:kernel-rt", "p-cpe:/a:novell:suse_linux:kernel-rt-base", "p-cpe:/a:novell:suse_linux:kernel-rt-devel", "p-cpe:/a:novell:suse_linux:kernel-rt_debug", "p-cpe:/a:novell:suse_linux:kernel-rt_debug-devel", "p-cpe:/a:novell:suse_linux:kernel-source-rt", "p-cpe:/a:novell:suse_linux:kernel-syms-rt", "p-cpe:/a:novell:suse_linux:ocfs2-kmp-rt", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2022-1402-1.NASL", "href": "https://www.tenable.com/plugins/nessus/160223", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:1402-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(160223);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/13\");\n\n script_cve_id(\n \"CVE-2021-39713\",\n \"CVE-2021-45868\",\n \"CVE-2022-0812\",\n \"CVE-2022-0850\",\n \"CVE-2022-1016\",\n \"CVE-2022-1048\",\n \"CVE-2022-23036\",\n \"CVE-2022-23037\",\n \"CVE-2022-23038\",\n \"CVE-2022-23039\",\n \"CVE-2022-23040\",\n \"CVE-2022-23041\",\n

linux - security update

Description

Affected Software

Related